Job Description: Raytheon Blackbird Technologies is looking for an individual who will join the security team of a major nationwide organization, with thousands of sites, to continually improve its complex multi-protocol nationwide network. A specialist in cyber threat intelligence analysis is needed to support the customer team. The ideal candidate for this job will be an experienced information security practitioner who is goal-oriented and strives to exceed expectations. This position is located in Raleigh, NC. Other potential work locations include Herndon, VA and Washington, DC.
Responsibilities will include:
Develops models for identifying incident-type activity, of malware or bad actors, using statistical analysis;
Reviews incident logs/records mining for patterns;
Researches Internet sources and threat intelligence feeds and try to find evidence in customer logs;
Explores patterns in network and system activity through log correlation using Splunk and other tools;
Investigates evidence of threats against Windows, Linux, Database, Applications, web servers, firewalls or other relevant technologies;
Tests models by injecting indicators;
Share IOC models with trusted parties for validation and collaboration;
Guide junior threat analysts;
Support shift work (1st, 2nd, or 3rd shift) as assigned.
This position can be a Salary Grade E03 or E04 based on the candidate-s qualifications as they relate to the skills, experience and responsibility requirements for the position.
US Citizenship is required;
6+ years of relevant work experience for an E03;
8+ years of relevant work experience for an E04;
Statistical modeling and analysis experience to infer possible cybersecurity threats;
Experience in analysis in investigations, such as in IT, law enforcement, military intelligence, or business analytics;
Knowledge of networking protocols;
Interest in learning about Windows, Linux, Database, Application, Web server, firewall, SIEM etc. log analysis;
Verbal/written communication and interpersonal skills to effectively communicate with team-members;
Must be highly motivated with the ability to self-start, prioritize, multi-task and work in a team setting;
Digital analysis and forensics experience using Encase, Palantir, i2 Analyst-s Notebook, FTK or similar tools or extensive statistical analysis tool experience (including extensive use of MS Excel).
Demonstrable interest in learning SQL and shell scripting;
Demonstrable interest in learning some programming skills;
Familiarity with common network vulnerability/penetration testing;
Experience with testing automation suites such as Selenium;
Experience evaluating systems and network devices and enterprise networks for IA vulnerabilities;
Experience evaluating enterprise networks for IA/security vulnerabilities;
Splunk query-development expertise;
Experience on an Incident Response team performing Tier I/II initial incident triage;
Excellent writing skills.
Required Education: Bachelor of Science Degree with a major in Computer Science/Computer Engineering, Engineering, Science or a related field. Two years of related work experience may be substituted for each year of degree-level education.