Job Description: Raytheon Blackbird Technologies is looking for an individual who will join the security team of a major nationwide organization, with thousands of sites, to continually improve its complex multi-protocol nationwide network. A specialist in cyber threat intelligence analysis is needed to support the customer team. The ideal candidate for this job will be an experienced information security practitioner who is goal-oriented and strives to exceed expectations.
Responsibilities will include :
- Provides insights to other team members on nuances of networking technologies, architectures, and network traffic analysis to support other analysts who do not have networking experience.
- Develops models for identifying incident-type activity, of malware or bad actors, using statistical analysis
- Reviews incident logs/records mining for patterns
- Researches Internet sources and threat intelligence feeds and try to find evidence in customer logs
- Explores patterns in network and system activity through log correlation using Splunk and other tools
- Investigates evidence of threats against Windows, Linux, Database, Applications, web servers, firewalls or other relevant technologies
- Tests models by injecting indicators
-Share IOC models with trusted parties for validation and collaboration.
- Guide junior threat analysts.
- Support shift work (1 st , 2 nd , or 3 rd shift) as assigned
- Must be eligible to obtain a sensitive clearance - Position of Public Trust - and may be required to obtain a higher security clearance
- 6+ years of relevant work experience
- 5+ years of networking experience, with routing, switching, and packet capture and analysis experience
- Statistical modeling and analysis experience to infer possible cybersecurity threats
- Experience in analysis in investigations, such as in IT, law enforcement, military intelligence, or business analytics
- Knowledge of networking protocols
- Interest in learning about Windows, Linux, Database, Application, Web server, firewall, SIEM etc. log analysis
- Verbal/written communication and interpersonal skills to effectively communicate with team-members
- Must be highly motivated with the ability to self-start, prioritize, multi-task and work in a team setting
- Digital analysis and forensics experience using Encase, Palantir, i2 Analyst-s Notebook, FTK or similar tools or extensive statistical analysis tool experience (including extensive use of MS Excel)
- Demonstrable interest in learning SQL and shell scripting
- Demonstrable interest in learning some programming skills
- Familiarity with common network vulnerability/penetration testing
- Experience with testing automation suites such as Selenium
- Experience evaluating systems and network devices and enterprise networks for IA vulnerabilities
- Experience evaluating enterprise networks for IA/security vulnerabilities
- Splunk query-development expertise
- Experience on an Incident Response team performing Tier I/II initial incident triage.
- Excellent writing skills
Required Education: Bachelor of Science Degree with a major in Computer Science/Computer Engineering, Engineering, Science or a related field. Two years of related work experience may be substituted for each year of degree-level education.