20 days old

Sr. Incident Response Analyst - CIR

Raytheon Technologies Corporate
Billerica, MA 01821

Raytheon Technologies Enterprise Services (ES) Cyber Security has an immediate opening for an experienced Sr. Incident Response Analyst professional (Sr. Cyber Threat Ops Tech II) to join the Cyber Incident Response (CIR) team. The Senior Cyber Incident Response Analyst should confidently determine appropriate course of action in response to identified cyber security incidents or anomalous network activity. This position is at the enterprise level and will require to work in a fast-paced collaborative environment with multiple functional and business teams. This position can be worked remotely within the United States.

Job Description:
The candidate should be an experienced information security practitioner that can collect, analyze, and interpret adverse event information and perform threat or target analysis duties. Manage, execute level three response, and determine scope of a cyber-incident. Proactively search for cyber threats to find malicious actors in Raytheon Technologies network that may go undetected by conventional network security monitoring or defenses. Prepare detailed recommendations for network defense improvements to mitigate incidents, recommend enterprise protection measures based on incident trends.

Shall perform specific activities that include, but not limited to the following:
Identify, contain, mitigate, recover, and report on cyber-security incidents affecting the enterprise, business, and subsidiary networks globally.
Analyze and investigate adverse events and incidents using an enterprise security information and event monitoring (SIEM), logs from firewalls, IDS/IPS, proxies, servers, endpoints and other network devices to determine threats, attack vector, scope of activity, and appropriate response.
Collaborate and coordinate with peers and stakeholders across global functional and business unit teams as needed to analyze and respond to adverse events and incidents.
Research the latest threat intelligence, vulnerabilities, exploits, and other relevant threat information and trends on various attackers and attack infrastructure.
Collaborate with other teams within Enterprise IT Security to improve detection and monitoring, develop cyber defenses, and perform advanced network and host analysis.
Utilize cyber security tools to actively hunt for threats in the enterprise network.
Ability and willingness to share on-call responsibilities, and work non-standard hours as needed.
Occasional travel within CONUS and OCONUS is required
Perform other duties as assigned

Required Skills:
Minimum 6+ years experience in Cyber-security and Bachelors degree or equivalent combination of related work experience and schooling/certifications in lieu od degree
Interface with Incident Response and knowledge of the IR lifecycle.
Proven experience and knowledge of advanced and persistent threats.
Capability of operating independently and in a team environment as is part of a geographically dispersed virtual team with minimal supervision.
Proficiency with MS Office Applications
Proven ability to troubleshoot and solve technical issues
Candidate must have technical experience in the following areas:
Working knowledge of systems, networking, and web technologies.
Familiarity with searching, interpreting and working with data from enterprise logging systems (e.g. SIEM, syslog, netflow, DNS, IDS/IPS, proxy, email, server and system logs)
Knowledge of TCP/IP protocols and data communications schemes.
Prefer familiarity with packet analysis to include:
o HTTP Headers & Status codes
o SMTP Traffic & Status codes
o FTP Traffic & Status Codes
o DNS Queries
o PKI Certificate Exchange
Understanding of social engineering techniques. (e.g., phishing, baiting, tailgating, etc.).
Knowledge of vulnerabilities, and vulnerability scanning tools.
Understanding in malware types (e.g. virus, worm, RAT, etc) containment, traffic analysis, and mitigation of malware threat
Ability to Travel domestically and internationally
This position requires the eligibility to obtain a security clearance. Except in rare circumstances, only U.S. citizens are eligible for a security clearance
This position requires either a U.S. Person or a Non-U.S. Person who is eligible to obtain any required Export Authorization.

Desired Skills:
Understanding of Cyber Kill Chain, Mitre Att&ck, and Diamond Model.
Experience developing and implementing IDS / IPS signatures and URL / IP blocks
Experience in malware triage analysis and/or sandboxing
Host based forensics using EnCase, FTK or other digital forensics tools
Scripting languages such as Python, Perl, and PowerShell
Ability to use penetration testing tools and techniques,
Experience with assessing security controls based on cybersecurity principles and tenets. (e.g., CIS CSC, NIST SP 800-53, Cybersecurity Framework, etc.).
Personality traits: Naturally curious and inquisitive nature; persistent and determined; enjoys solving problems and puzzles; analytically rigorous; uncompromising integrity; ethical.
Excellent social, written and verbal communication skills; must be able to clearly and concisely present analytical data to a variety of technical and non-technical peers, and management of all levels.
Proactive, self-driven and fully accountable for independent performance.
Strong process orientation and ability to develop, document, and follow standard work; attention to detail.
Organizational skills to manage multiple competing priorities and deadlines in a fast-paced working environment.

Possess of at least one relevant professional designation or related advanced IT certification, but not limited to the following will be considered an advantage:
GIAC Certified Incident Handler (GCIH)
GIAC Certified Enterprise Defender (GCED)
GIAC Security Expert (GSE)
Certified Information Systems Security Professional (CISSP)
GIAC Certified Intrusion Analyst (GCIA)
GIAC Network Forensics Analysts (GNFA)
GIAC Reverse Engineering Malware (GREM)
Certified Ethical Hacker (CEH)
Microsoft Certified Solutions Expert (MCSE)
Red Hat Certified Engineer (RHCE)

Required Education:
Bachelor's in Computer Science, Computer Engineering, Information Technology or related discipline or equivalent combination of related work experience and schooling/certifications in lieu of degree



Posted: 2021-04-22 Expires: 2021-05-22

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Sr. Incident Response Analyst - CIR

Raytheon Technologies Corporate
Billerica, MA 01821

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast