How do you protect against those with bad intentions? You create innovative technical processing solutions and collaborate with some of the finest talent in the IT field. Whether you're an Information Systems Technologist or an Encryption Strategy Expert, at Raytheon you'll grow a varied and rewarding career. And you'll be supported with a comprehensive and competitive benefits package that promotes work/life balance. If you're ready to take on today's big challenges, discover a world of opportunity at Raytheon.
* America's Best Large Employers by Forbes
* Career & Development Opportunities
* Entry, Mid, Senior
Back to Job Navigation (Overview)
Principle Incident Responder (15-20 Yrs Exp Required)
Support HHS-NIH ISPS (Information Security Program Support) contract to enable mission accomplishment by analyzing all relevant cyber security event data and other information sources for suspicious network traffic, attack indicators and potential security breaches; produce reports, assist in coordination during incidents. In support of the customer's strategic direction, key individuals support the Cyber Security Operations Center (CSOC) employing innovative technologies and techniques.
Must have a current TS/SCI Clearance
The main objective of the NIH Information Security Program is to "safeguard the NIH personnel, patients, computers, networks and data that NIH relies on each day to fulfill its mission." To achieve this objective, the NIH Information Security Program has established the following strategic goals:
Reduce High Risks: Reduce NIH high risk areas; prioritize/High Value Assets (HVAs)
Improve Protections: Improve protections for data, infrastructure, and staff
Complete Visibility: Provide continuous/increased visibility into IT assets, operations, threats, and risks
Integrate NIH Privacy Coordinators into accreditation and authorization processes
These goals will be achieved via NIH-specific initiatives and government-wide projects to promote IT management best practices, including configuration and patch management, system administration, and change and operations management. These activities will also be accomplished via implementation of DHS Continuous Diagnostic & Mitigation (CDM) program guidance and technologies, the NIH information security modernization initiative, and other NIH and HHS information security projects intended to protect and serve the NIH mission, patients, and staff.
Looking for a qualified individual to lead the Incident Response Team in the detection, response, mitigation, and reporting of cyber threats affecting client networks. The Team Lead is responsible for handling assignments of the Compute Incident Response Team (CIRT) Specialist concerning escalated incidents. The incident response team lead provides specialized support by gathering, handling, examining, preparing, entering, and searching, retrieving, identifying and/or comparing digital and/or physical evidence concerning incidents with higher escalation rankings or out of the CIRT specialist expertise. The candidate uses forensically sound procedures to determine results.
The team lead observes proper evidence custody and control procedures, documents procedures and findings and prepares comprehensive written notes and reports. The team lead also analyzes network/computer threats and mitigates vulnerabilities while limiting operational impact to the Computer Network Defense (CND) mission in support of the CSOC while providing direction and guidance to the CIRT Specialist. The candidate will function as the technical incident handling domain expert with representation from all mission integrated product teams (IPTs) reporting directly to the Penetration (PEN) Testing/Incident Response Manager.
Lead and support the CIRT Specialist
Prioritization and ranking of escalated incidents
Provide support to the in the detection, response, mitigation, and reporting of cyber threats affecting client networks
Maintain an understanding of the current vulnerabilities, response, and mitigation strategies used in cyber security operations
Produce reports and briefs to provide an accurate depiction of the current threat landscape and associated risk. Accomplish this through the use of customer, community, and open source reporting
Produce status reports and briefs to senior leadership
Provide analysis for correlated information sources
Facilitate the customer's posturing itself to aggressively investigate cyber activity targeting customer and client information and its information infrastructure
Assist in the education of staff on cyber threats
Liaison with other agency cyber threat analysis entities, such as intra-agency and inter- agency Cyber Threat Working Groups
Maintaining proficiency in the use and production of visualization charts, link analysis diagrams, and database queries
Analyze and report cyber threats as well as assist in deterring, identifying, monitoring, investigating and analyzing computer network intrusions.
Additional duties may include providing intrusion support to high technology investigations in the form of computer evidence seizure, computer forensic analysis, data recovery, and network assessments by provided support to the malware, forensics and mitigation teams.
Meet and maintain customer required Information Assurance training compliance
Existing US DOD TS/SCI Clearance
Willing to work rotating shifts
10+ years' experience in Intelligence collection, analysis, and reporting process/procedures
10+ years hands-on experience in the detection, response, mitigation, and/or reporting of cyber threats affecting client networks and one or more of the following:
Experience in computer intrusion analysis and incident response;
Computer network surveillance/monitoring;
Knowledge and understanding of network protocols, network devices, multiple operating systems, and secure architectures;
Experience in computer evidence seizure, computer forensic analysis, and data recovery;
Computer network forensics.
System log analysis
Experience with current cyber threats and the associated tactics, techniques, and procedures used to infiltrate computer networks
* Current experience with network intrusion detection and response operations (Protect, Defend, Respond and Sustain methodology)
* Current experience with cyber threats and the associated tactics, techniques, and procedures used to infiltrate computer networks
Demonstrated ability to document processes.
The ability to respond to crises objectively.
Proficiency with MS Office Applications
Must be able to work collaboratively across agencies and physical locations
10+ years systems cyber security experience
Experience with Risk and Opportunity Management
Shell scripting experience
Experience with process development and deployment
Excellent writing skills
Prior experience working in one of the following highly desired:
Security Operations Center (SOC) /Network Operations Center (NOC)
Computer Emergency/Incident Response Team (CERT/CIRT)
Certified Information Systems Security Professional (CISSP) or
GIAC Certified Incident Handler (GCIH) or
GIAC Certified Enterprise Defender (GCED) or
CompTIA Advanced Security Practitioner (CASP)
GIAC Security Expert (GSE)
Certified Ethical Hacker or Computer Security Incident Handler (CSIH) or GIAC Certified Forensic Analyst (GCFA)
Project Management Professional Certification (PMP)
Required Education (including Major):
Bachelor of Science Degree with major in Computer Science/Electrical Engineering, Engineering, Science or related field. Must have a minimum of 10+ years' experience or equivalent education and experience.
Business Unit Profile
Raytheon Intelligence, Information and Services delivers innovative technology to make the world a safer place. Our expertise in cyber, analytics and automation allow us to reach beyond what others think is possible to underpin national security and give our global customers unique solutions to solve the most pressing modern challenges -- from the cyber domain to automated operations, and from intelligent transportation and training solutions to creating clear insight from large volumes of data. IIS operates at nearly 550 sites in 80 countries, and is headquartered in Dulles, Virginia. The business area generated $6.2 billion in 2018 revenues. As a global business, our leaders must have the ability to understand, embrace and operate in a multicultural world -- in the marketplace and the workplace. We strive to hire people who reflect our communities and embrace diversity and inclusion to advance our culture, develop our employees, and grow our business.
TS/SCI - Current
Computer/Management Information Systems
Information and Knowledge Systems
Type Of Job
MD - Bethesda
Raytheon is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.
Raytheon is a global company that specializes in defense and other government markets.