Lead Threat Intelligence Analyst
Job Description: Raytheon Blackbird Technologies is looking for an individual who will join the security team of a major nationwide organization, with thousands of sites, to continually improve its complex multi-protocol nationwide network. A specialist in cyber threat intelligence analysis is needed to support the customer team. The ideal candidate for this job will be an experienced information security practitioner who is goal-oriented and strives to exceed expectations.
Responsibilities will include:
- Must be eligible to obtain a sensitive clearance – Position of Public Trust – and may be required to obtain a higher security clearance
- 6+ years of relevant work experience and a Bachelor’s degree
- The Lead Threat Intelligence Analyst must possess Technical Expertise in one or more of the following areas: Network Security, Systems Security, Applications Security, Mobile Security;
- Experience building, managing, and performing daily analytic tasks within Threat Intelligence (TI), Security Operations Centers (SOC), Cyber Security Operations Centers (CSOC), and Cyber Incident Response Teams (CIRT);
- A clear knowledge of TI processes from a practitioner’s perspective;
- An understanding of how to effectively lead teams within fast-paced, ever-changing cyber operations environments;
- A forward-thinking view of how TI processes and systems integrate across a CSOC organization to drive cyber operations by providing situational awareness of, and enabling active defense against, cyber threats;
- Expert knowledge of threat hunting practices, including threat modeling and content development for analysis and presentation through Splunk;
- A service-first work ethic, focused on ensuring customer success;
- A mentor leadership style, focused on the continual development and growth of junior analysts;
- Self-driven and fully accountable for independent effort performed as part of a geographically dispersed team;
- Excellent communication and presentation skills, with demonstrated ability to effectively present analytical data to a variety of technical and non-technical audiences;
- Demonstrated ability to establish well-defined procedures and appropriate network mitigation strategies derived from post-incident analysis and lessons learned;
- Able to lead teams developing and operationalizing TI, consisting of technical personnel directly supporting incident response, system owners, and executives.
- Solid understanding of information security concepts, tools, and techniques;
- Advanced knowledge of networking concepts and web technologies;
- Advanced knowledge of Windows, UNIX / Linux, and OS X operating systems.
- Ability and willingness to share on-call responsibilities, work non-standard hours, and travel (up to 50%) when required;
- Ability to obtain a U.S. Government Public Trust Clearance.
- Working knowledge of Computer Network Exploitation (CNE), Computer Network Attack (CNA) and Computer Network Defense (CND) tools and techniques;
- Experience as a mid-to-senior level intelligence analyst, regardless of intelligence domain;
- A deep understanding of advanced cyber threats targeting enterprises, along with the tools, tactics, and procedures used by those threats;
- Experience performing system, network, application, and malicious code analysis;
- Experience applying threat and data modeling, advanced data correlation, and statistical analysis to develop alerts, notable events, investigative dashboards, and metrics-driven reports in Splunk;
- Track record of technical publication and presentation of information security topics;
- C|EH, GCIH, CISSP or equivalent certification.
B.S./B.A. in Engineering, Science, or Mathematics, or an MS/MA in Engineering, Science, or Mathematics, or a PhD in Engineering, Science, or Mathematics. Additional years of experience may be considered in lieu of degree.