CSOC Analyst (T2) - NC

at  Raytheon

ALL CANDIDATES MUST HAVE WORK EXPERIENCE AS A SOC ANALYST IN ORDER TO BE CONSIDERED. ALL SOC ANALYST EXPERIENCE MUST BE LISTED ON THE RESUME.

An experienced CSOC T2 Analyst is needed in Security Operations Centers (SOC), Cyber Security Operations Centers (CSOC). The ideal candidate for this job will be an experienced information security practitioner who is goal-oriented and strives to exceed expectations.
Location: Morrisville, North Carolina (Hybrid)

Key Job Responsibilities:

• Identification of Cybersecurity problems which may require mitigating controls
• Analyze network traffic to identify exploit or intrusion related attempts
• Recommend detection mechanisms for exploit and or intrusion related attempts
• Provide subject matter expertise on network based attacks, network traffic analysis, and intrusion methodologies
• Escalate items which require further investigation to other members of the Threat Management team
• Execute operational processes in support of response efforts to identified security incidents

Job responsibilities will include:

• Participates in a team of Security operations engineers investigating alerts, anomalies, errors, intrusions, malware, etc. to identify the responsible, determine remediation, and recommend security improvements
• Follows precise analytical paths to determine the nature and extent of problems being reported by tools, e-mails, etc.
• Follows strict guidance on reporting requirements
• Keeps management informed with precise, unvarnished information about security posture and events
• Promotes standards-based workflow both internally and in coordinating with US-CERT
• Engages with other internal and external parties to get and share information to improve processes and security posture
• Leads analyzing/investigating reports or anomalies

Requirements:

• Must be eligible to obtain a sensitive clearance – Position of Public Trust – and may be required to obtain a higher security clearance
• Must have 5+ years of relevant work experience and a Bachelor’s degree
• 3+ years IT security experience
• 2+ years’ experience in network traffic analysis

• Strong working knowledge of:

  – Boolean Logic
  – TCP/IP Fundamentals
  – Network Level Exploits
  – Threat Management

  – Regular Expressions

• Knowledge of Control Frameworks and Risk Management techniques

• Excellent oral and written communication skills
• Excellent interpersonal and organizational skills
• Strong understanding of IDS/IPS technologies, trends, vendors, processes and methodologies
• Strong understanding of common IDS/IPS architectures and implementations
• Strong understanding of IDS/IPS signatures, content creation and signature characteristics including both signature and anomaly-based analysis and detection
• The ability to obtain and maintain a U.S. government issued security clearance is required. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance.

Desired Skills:

• Splunk experience, developing queries, data models, and dashboards
• Cloud monitoring experience is a plus
• Excellent writing skills

Required Education:
Bachelor of Science Degree with a major in Computer Science/Computer Engineering, Engineering, Science or a related field. Two years of related work experience may be substituted for each year of degree-level education.
Certifications (one or more are desired):
DOD 8570.1-M Compliance at IAT Level II; CISSP, Certified Ethical Hacker (C|EH), Sec+, SFCP, GCIA, ISSEP, ISSMP, GCIH, GCFA, CSLC, CISM, or CCNA

POSITION ROLE TYPE:

Hybrid
This position is CONTINGENT upon funding, an open position, customer approval, completion of a favorable background investigation, and the ability to obtain and maintain our customer’s sensitive clearance.

Key Job Responsibilities:

• Identification of Cybersecurity problems which may require mitigating controls
• Analyze network traffic to identify exploit or intrusion related attempts
• Recommend detection mechanisms for exploit and or intrusion related attempts
• Provide subject matter expertise on network based attacks, network traffic analysis, and intrusion methodologies
• Escalate items which require further investigation to other members of the Threat Management team
• Execute operational processes in support of response efforts to identified security incident

Job responsibilities will include:

• Participates in a team of Security operations engineers investigating alerts, anomalies, errors, intrusions, malware, etc. to identify the responsible, determine remediation, and recommend security improvements
• Follows precise analytical paths to determine the nature and extent of problems being reported by tools, e-mails, etc.
• Follows strict guidance on reporting requirements
• Keeps management informed with precise, unvarnished information about security posture and events
• Promotes standards-based workflow both internally and in coordinating with US-CERT
• Engages with other internal and external parties to get and share information to improve processes and security posture
• Leads analyzing/investigating reports or anomalie