Cyber Threat Intelligence Analyst (100507BR)

  • Raytheon
  • Herndon, Virginia, United States
  • 02/19/2018

Job Description

Job Description:Raytheon Blackbird Technologies is looking for an individual who will join the security team of a major nationwide organization, with thousands of sites, to continually improve its complex multi-protocol nationwide network.A specialist in cyber threat intelligence analysis is needed to support the customer team. The ideal candidate for this job will be an experienced information security practitioner who is goal-oriented and strives to exceed expectations.

Responsibilities will include:

- Provides insights to other team members on nuances of networking technologies, architectures, and network traffic analysis to support other analysts who do not have networking experience.

-Develops models for identifying incident-type activity, of malware or bad actors, using statistical analysis

- Reviews incident logs/records mining for patterns

- Researches Internet sources and threat intelligence feeds and try to find evidence in customer logs

- Explores patterns in network and system activity through log correlation using Splunk and other tools

- Investigates evidence of threats against Windows, Linux, Database, Applications, web servers, firewalls or other relevant technologies

- Tests models by injecting indicators

-Share IOC models with trusted parties for validation and collaboration.

- Guide junior threat analysts.

- Support shift work (1st, 2nd, or 3rd shift) as assigned

Required Skills:

- Must be eligible to obtain a sensitive clearance – Position of Public Trust – and may be required to obtain a higher security clearance

- 6+ years of relevant work experience and a Bachelor's degree.

- 5+ years of networking experience, with routing, switching, and packet capture and analysis experience

- Statistical modeling and analysis experience to infer possible cybersecurity threats

- Experience in analysis in investigations, such as in IT, law enforcement, military intelligence, or business analytics

- Knowledge of networking protocols

- Interest in learning about Windows, Linux, Database, Application, Web server, firewall, SIEM etc. log analysis

- Verbal/written communication and interpersonal skills to effectively communicate with team-members

- Must be highly motivated with the ability to self-start, prioritize, multi-task and work in a team setting

- Digital analysis and forensics experience using Encase, Palantir, i2 Analyst’s Notebook, FTK or similar tools or extensive statistical analysis tool experience (including extensive use of MS Excel)

Desired Skills:

- Demonstrable interest in learning SQL and shell scripting

- Demonstrable interest in learning some programming skills

- Familiarity with common network vulnerability/penetration testing

- Experience with testing automation suites such as Selenium

- Experience evaluating systems and network devices and enterprise networks for IA vulnerabilities

- Experience evaluating enterprise networks for IA/security vulnerabilities

- Splunk query-development expertise

- Experience on an Incident Response team performing Tier I/II initial incident triage.

- Excellent writing skills

Required Education:
Bachelor of Science Degree with a major in Computer Science/Computer Engineering, Engineering, Science or a related field. Two years of related work experience may be substituted for each year of degree-level education.

Desired Certifications:
DODI 8570.1-M Compliance at IAT Level II;CISSP Preferred

Certified Ethical Hacker (C|EH), SFCP, GCIA


Raytheon is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.

Raytheon Intelligence, Information and Services delivers innovative technology to make the world a safer place. Our expertise in cyber, analytics and automation allow us to reach beyond what others think is possible to underpin national security and give our global customers unique solutions to solve the most pressing modern challenges -- from the cyber domain to automated operations, and from intelligent transportation solutions to creating clear insight from large volumes of data. IIS operates at nearly 550 sites in 80 countries, and is headquartered in Dulles, Virginia. The business area generated approximately $6 billion in 2016 revenues. As a global business, our leaders must have the ability to understand, embrace and operate in a multicultural world -- in the marketplace and the workplace. We strive to hire people who reflect our communities and embrace diversity and inclusion to advance our culture, develop our employees, and grow our business. Security Clearance: Public Trust Current Relocation Eligible: No Cyber, Information and Knowledge Systems, Warfighter Support Services, All JBRaytheon ICJBMeta