
Sr. Incident Response Analyst

Raytheon Technologies Corporate
Farmington, CT 06032

United States of America
UT2: 9 Farm Springs, Farmington, CT 06034 USA

Raytheon Technologies

Raytheon Technologies Corporation is an aerospace and defense company that provides advanced systems and services for commercial, military and government customers worldwide. It comprises four industry-leading businesses: Collins Aerospace Systems, Pratt & Whitney, Raytheon Intelligence & Space and Raytheon Missiles & Defense. Its 195,000 employees enable the company to operate at the edge of known science as they imagine and deliver solutions that push the boundaries in quantum physics, electric propulsion, directed energy, hypersonics, avionics and cybersecurity. The company, formed in 2020 through the combination of Raytheon Company and the United Technologies Corporation aerospace businesses, is headquartered in Waltham, Massachusetts.

Job Description:
The candidate should be an experienced information security practitioner who can collect, analyze, and interpret adverse event information and perform threat or target analysis duties. The analyst will manage and execute level-three response and determine the scope of a cyber-incident; proactively search for cyber threats to find malicious actors in the Raytheon Technologies network that may go undetected by conventional network security monitoring or defenses; and prepare detailed recommendations for network defense improvements to mitigate incidents, recommending enterprise protection measures based on incident trends.

Shall perform specific activities that include, but are not limited to, the following:
  • Identify, contain, mitigate, recover from, and report on cyber-security incidents affecting the enterprise, business, and subsidiary networks globally.
  • Analyze and investigate adverse events and incidents using an enterprise security information and event monitoring (SIEM) system and logs from firewalls, IDS/IPS, proxies, servers, endpoints and other network devices to determine threats, attack vector, scope of activity, and appropriate response.
  • Collaborate and coordinate with peers and stakeholders across global functional and business unit teams as needed to analyze and respond to adverse events and incidents.
  • Research the latest threat intelligence, vulnerabilities, exploits, and other relevant threat information and trends on various attackers and attack infrastructure.
  • Collaborate with other teams within Enterprise IT Security to improve detection and monitoring, develop cyber defenses, and perform advanced network and host analysis.
  • Utilize cyber security tools to actively hunt for threats in the enterprise network.
  • Ability and willingness to share on-call responsibilities and work non-standard hours as needed.
  • Occasional travel within CONUS and OCONUS is required.
  • Perform other duties as assigned.

Required Skills:
  • Minimum 6+ years of experience in cyber-security preferred.
  • Interface with Incident Response and knowledge of the IR lifecycle.
  • Proven experience and knowledge of advanced and persistent threats.
  • Capability of operating independently and in a team environment as part of a geographically dispersed virtual team with minimal supervision.
  • Proficiency with MS Office applications.
  • Proven ability to troubleshoot and solve technical issues.
  • Candidate must have technical experience in the following areas:
      • Working knowledge of systems, networking, and web technologies.
      • Familiarity with searching, interpreting and working with data from enterprise logging systems (e.g., SIEM, syslog, netflow, DNS, IDS/IPS, proxy, email, server and system logs).
      • Knowledge of TCP/IP protocols and data communications schemes.
      • Familiarity with packet analysis preferred, to include:
          • HTTP headers and status codes
          • SMTP traffic and status codes
          • FTP traffic and status codes
          • DNS queries
          • PKI certificate exchange
      • Understanding of social engineering techniques (e.g., phishing, baiting, tailgating, etc.).
      • Knowledge of vulnerabilities and vulnerability scanning tools.
      • Understanding of malware types (e.g., virus, worm, RAT, etc.), containment, traffic analysis, and mitigation of malware threats.
  • Ability to travel domestically and internationally.
  • This position requires the eligibility to obtain a security clearance. Except in rare circumstances, only U.S. citizens are eligible for a security clearance.
  • This position requires either a U.S. Person or a Non-U.S. Person who is eligible to obtain any required Export Authorization.

Desired Skills:
  • Understanding of the Cyber Kill Chain, MITRE ATT&CK, and the Diamond Model.
  • Experience developing and implementing IDS/IPS signatures and URL/IP blocks.
  • Experience in malware triage analysis and/or sandboxing.
  • Host-based forensics using EnCase, FTK or other digital forensics tools.
  • Scripting languages such as Python, Perl, and PowerShell.
  • Ability to use penetration testing tools and techniques.
  • Experience with assessing security controls based on cybersecurity principles and tenets (e.g., CIS CSC, NIST SP 800-53, Cybersecurity Framework, etc.).
  • Personality traits: naturally curious and inquisitive nature; persistent and determined; enjoys solving problems and puzzles; analytically rigorous; uncompromising integrity; ethical.
  • Excellent social, written and verbal communication skills; must be able to clearly and concisely present analytical data to a variety of technical and non-technical peers and to management at all levels.
  • Proactive, self-driven and fully accountable for independent performance.
  • Strong process orientation and ability to develop, document, and follow standard work; attention to detail.
  • Organizational skills to manage multiple competing priorities and deadlines in a fast-paced working environment.

Possession of at least one relevant professional designation or related advanced IT certification, including but not limited to the following, will be considered an advantage:
  • GIAC Certified Incident Handler (GCIH)
  • GIAC Certified Enterprise Defender (GCED)
  • GIAC Security Expert (GSE)
  • Certified Information Systems Security Professional (CISSP)
  • GIAC Certified Intrusion Analyst (GCIA)
  • GIAC Network Forensic Analyst (GNFA)
  • GIAC Reverse Engineering Malware (GREM)
  • Certified Ethical Hacker (CEH)
  • Microsoft Certified Solutions Expert (MCSE)
  • Red Hat Certified Engineer (RHCE)

7 years of experience with a BS or BA degree in a technical program,

or an advanced degree with 5 years of experience,

or an equivalent combination of related work experience and schooling/certifications in lieu of a degree.

Remote Work Available

  • Farmington, CT
  • Billerica, MA
  • Richardson, TX
  • Washington, DC

Raytheon Technologies is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.


Posted: 2021-04-22 Expires: 2021-05-22
