CSOC Analyst Tier 1 (3-5 Yrs Exp Required)
Support a proprietary customer contract to enable mission accomplishment by analyzing all relevant cyber security event data and other information sources for suspicious network traffic, attack indicators and potential security breaches; produce reports, assist in coordination during incidents. In support of the customer's strategic direction, key individuals support the Cyber Security Operations Center (CSOC) employing innovative technologies and techniques.
Looking for a qualified individual who can support the intrusion detection system aspects for the Monitoring & Vulnerability Analysis Team as a CSOC Analyst Tier 1 by having a predefined manifest for processing each alert and handling various situations. In certain cases of potential attack (such as widespread malicious code infections, large scale application attacks, large scale DDoS attacks, complex attacks or traces of a stealthy attack), the CSOC Analyst may be instructed, either by protocol or by managing levels inside Tier 1, to escalate the alerts to CSOC Analysts.
The qualified candidate will assess information network threats such as computer viruses, exploits, and malicious attacks; operate vulnerability assessment equipment in support of intrusion analyses;
Determines true threats, false positives and network system mis-configurations and provide solutions to issues detected in a timely manner.
Monitor for potential compromise, intrusion, deficiency, significant event or threat to the security posture and security baseline. Follow intrusion and escalation processes and procedures.
Perform daily Intrusion Detection System (IDS) analysis/monitoring and generating technical and executive summary reports
Existing Level 6: Public Trust - High Risk Background Investigation
Willing to work rotating shifts
3 - 6 years of experience in systems cyber security analysis
Working knowledge of network security management and operations
Experience in the detection, response, mitigation, and/or reporting of cyber threats affecting client networks and one or more of the following:
Experience in computer intrusion analysis and incident response
Knowledge and understanding of network protocols, network devices, multiple operating systems, and secure architectures
System log analysis
Current experience with network intrusion detection and response operations (Protect, Defend, Respond and Sustain methodology)
Experience using current monitoring technologies such as: SourceFire-SNORT, ArcSight, or NetScout etc.
Current experience with cyber threats and their associated tactics, techniques, and procedures
Demonstrated ability to document processes
SIEM experience with ArcSight ESM and Logger
Working knowledge of network protocols and common services such as DNS, FTP, email, CP/ICMP/UDP
Hands-on experience with NIDS (Network IDS) and HIDS (Host based IDS)
Must be able to work collaboratively across cyber threat teams and effectively communicate both written and orally
Proficiency with MS Office Applications
Ability to speak and read English
Experience with firewalls, routers or antivirus appliances a plus
Experience working on a 24x7x365 operations center environment
Experience with ArcSight SIEM tool is a plus
Experience with CA Service Desk Manager
Prior experience working in one of the following is highly desired.
Security Operations Center (SOC)/Network Operations Center (NOC)
Computer Emergency/Incident Response Team (CERT/CIRT)
GIAC Security Essentials Certification (GSEC) or
Systems Security Certified Practitioner (SSCP) or
Certified Ethical Hacker (CEH) or GIAC Incident Handler (GCIH) or GIAC Intrusion Analyst (GCIA)
Certified Information Systems Security Professional (CISSP) or
GIAC Certified Incident Handler (GCIH) or
GIAC Certified Enterprise Defender (GCED) or
GIAC Security Expert (GSE)
ArcSight Security Analyst Certification
Required Education (including Major):
Bachelor of Science Degree with a major in Computer Science/Computer Engineering, Engineering, Science or a related field. The candidate must have a minimum of 6 - 7+ years of experience or equivalent education with experience.
141590BR 141590 Business Unit Profile
Raytheon Intelligence, Information and Services delivers innovative technology to make the world a safer place. Our expertise in cyber, analytics and automation allow us to reach beyond what others think is possible to underpin national security and give our global customers unique solutions to solve the most pressing modern challenges -- from the cyber domain to automated operations, and from intelligent transportation and training solutions to creating clear insight from large volumes of data. IIS operates at nearly 550 sites in 80 countries, and is headquartered in Dulles, Virginia. The business area generated $6.2 billion in 2018 revenues. As a global business, our leaders must have the ability to understand, embrace and operate in a multicultural world -- in the marketplace and the workplace. We strive to hire people who reflect our communities and embrace diversity and inclusion to advance our culture, develop our employees, and grow our business.
Public Trust Current
Type Of Job
MD - Bethesda
Raytheon is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.
Raytheon is a global company that specializes in defense and other government markets.