Job DescriptionRaytheon Intelligence & Space (RIS) - Cybersecurity, Training & Services (CTS) has an immediate opening for a Cyber Intel Regional Analyst to support a US Federal Agency contract to enable mission accomplishment by supporting the installation, configuration, capacity planning, administration, service restoration, optimization, and operational maintenance of cyber defense solutions. Identifying current and emerging threat trends, threat actors using a variety of cyber threat intelligence sources. Provide technical assessments of cyber threat actor use of cyber vulnerabilities, exploits, payloads, access infrastructures, and mission platforms. Conduct all-source research on cyber threat actors and intrusion sets (eg, APTs); evaluate both technical and Intel reporting for cyber threat activities of interest. Conduct detailed analysis of incidents, threats, vulnerabilities, tactics, techniques and procedures (TTP), and other malicious and non-malicious indicators.Work Location:National Capital Region (Rosslyn, VA)Job Description:Provides analysis and research for industry, infrastructure, technology, country, geographic area, biographic and targeted vulnerability. Prepares assessments of current events based on the sophisticated collection, research and analysis of classified and open source information. Develops and maintains analytical procedures to meet changing requirements and ensure maximum operations. Collects data using a combination of standard intelligence methods and business processes.Responsibilities:Shall perform specific activities that include, but not limited to the following:Coordinate with Cyber Defense Analysts to manage and administer the updating of rules, security content, and signatures for specialized cyber defense applicationsBuild, install, configure, and test dedicated cyber defense solutionsPerform incident resolution and root cause problem determination to ensure availability and stability of cyber defense solutionsAssist in assessing the impact of implementing and sustaining dedicated cyber defense infrastructureCreate, edit, and manage access controls on specialized cyber defense systemsDevelop and maintain documentation for operational procedures, troubleshooting aids, and technical analysis for products, features and capabilitiesDocument procedures and execute backup and recovery activities on cyber defense solutionsTrain and mentor mid-level and junior monitoring analystsRequired Skills:Current experience with network intrusion detection and response operations (Protect, Defend, Respond and Sustain methodology)Experience in the detection, response, mitigation, and/or reporting of cyber threats affecting client networks and one or more of the following:Experience in computer intrusion analysis and incident responseWorking knowledge of Intrusion detection/protection systemsKnowledge and understanding of network devices, multiple operating systems, and secure architecturesWorking knowledge of network protocols and common servicesSystem log analysisExperience responding to and resolving situations caused by network attacksAbility to assess information of network threats such as scans, computer viruses or complex attacksWorking knowledge of WAN/LAN concepts and technologiesSIEM content Analysis, Development and TestingExperience with SIEMS (such as NetWitness, Splunk, SumoLogic, QRadar)Experience with EDR solutions (Carbon Black, Crowdstrike, FireEye, SentinelOne)Familiarity with packet analysis to include: HTTP Headers & Status codes, SMTP Traffic & Status codes, FTP Traffic & Status CodesExcellent written and verbal communication skillsPrior experience working in any of the following:Security Operations Center (SOC)Network Operations Center (NOC)Computer Incident Response Team (CIRT)Knowledge of and practical experience of integration of COTS or open source toolsPersonality traits: Naturally curious and inquisitive nature; persistent and determined; loves solving problems and puzzles; analytically rigorous; uncompromising integrityDemonstrated ability to document processesProficiency with MS Office ApplicationsMust be able to work collaboratively across teams and physical locationsWilling to work rotating shiftsRequired Certifications:Possess at least one relevant professional designation or related advanced IT certification, but not limited to the following:Certified Information Systems Security Professional (CISSP)GIAC Certified Incident Handler (GCIH)GIAC Network Forensic Analyst (GNFA)GIAC Intrusion Analyst (GCIA)Desire Skills:Experience with RSA Netwitness, Splunk, FireEye NX, EX, HX, AX, Carbon Black Response, RSA ArcherExperience with firewalls, routers or antivirus appliancesExperience working on a 24x7x365 watch desk environmentExperience with industry standard help desk toolsDesired Certifications:Possess at least one relevant professional designation or related advanced IT certification, but not limited to the following:GIAC Certified Enterprise Defender (GCED)GIAC Security Expert (GSE)Certified Information Security Manager (CISM)Certified Ethical Hacker (CEH)Required Education (including Major):Bachelor of Science Degree with major in Computer Science/Electrical Engineering, Engineering, Science or related field. Must have a minimum of 5+ years' experience or equivalent education and experience.US Citizen with active or ability to attain TS or TS/SCI clearanceOccasional travel within CONUS and OCONUS is requiredBusiness Unit ProfileRaytheon Intelligence & Space delivers the disruptive technologies our customers need to succeed in any domain, against any challenge. A developer of advanced sensors, training, and cyber and software solutions, Raytheon Intelligence & Space provides a decisive advantage to civil, military and commercial customers in more than 40 countries around the world. Headquartered in Arlington, Virginia, the business generated $15 billion in pro forma annual revenue in 2019 and has 39,000 employees worldwide. Raytheon Intelligence & Space is one of four businesses that form Raytheon Technologies Corporation.BusinessIntelligence, Information&Svcs Relocation EligibleNoTalent AreaCyber JobsType Of JobFull TimeJob FunctionAdministration Ability to TelecommuteNo telecommuting Clearance TypeTop Secret - Current US FLSA ClassificationExempt Equal Opportunity/Affirmative Action EmployerRaytheon Technologies is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.Work Location:VA - Rosslyn Requisition ID: 185828BRSDL2017