Senior Cyber Threat Hunter (Remote)

Date Posted:
2022-09-01-07:00
Country:
United States of America
Location:
UT105: UT-MD-Remote Remote Location, Remote City, MD, 20854 USA
The following position is to join our Corporate or Research Center Team:

Raytheon Technologies Corporation
Raytheon Technologies Corporation is an Aerospace and Defense company that provides advanced systems and services for commercial, military and government customers worldwide. It comprises four industry-leading businesses - Collins Aerospace Systems, Pratt & Whitney, Raytheon Intelligence & Space and Raytheon Missiles & Defense. Its 195,000 employees enable the company to operate at the edge of known science as they imagine and deliver solutions that push the boundaries in quantum physics, electric propulsion, directed energy, hypersonics, avionics and cybersecurity. The company, formed in 2020 through the combination of Raytheon Company and the United Technologies Corporation aerospace businesses, is headquartered in Waltham, Massachusetts.

To realize our full potential, Raytheon Technologies is committed to creating a company where all employees are respected, valued and supported in the pursuit of their goals. We know companies that embrace diversity in all its forms not only deliver stronger business results, but also become a force for good, fueling stronger business performance and greater opportunity for employees, partners, investors and communities to succeed.

Summary of Role:

Raytheon Technologies is looking for a Senior Cyber Threat Hunter to join the corporate RTX Hunt and Content Development group. Candidates filling this role will engage in industry-leading cyber threat hunting, cyber threat content development, and security tool efficacy testing. RTX's Hunt and Content Development team is a highly respected and close-knit group of cyber subject matter experts who are constantly pushing the envelope of cyber defense. RTX has a unique and exciting threat landscape, the result of our truly global footprint, with roughly 200,000 employees, nearly 1,000,000 endpoints, sites in over 100 countries, and world acclaim as a leading manufacturing, aerospace, and defense contractor.

Responsibilities:

• Create detection content to support the automated identification of threats across the environment
• Triage alerts generated from curated hunt team detection content and escalate as needed to other organizations within cybersecurity defense operations
• Perform threat hunts based on current cyber threat intelligence or recent cyber events
• Perform daily research to identify new tools, tactics, and procedures for threat actors and malware families
• Analyze security and event logs looking for anomalies and indications of malicious behavior
• Support Security Operation Center and Incident Response activities during both times of crisis and when needed to support incident ticket triage
• Craft and test scenarios for RTX's security validation platform
• Perform micro or ad-hoc threat hunts for to answer RFIs from peers and leadership or to investigate anomalies picked up by security controls
• Document hunt team findings for easy recall and to reduce duplication of effort
• Draft and present debriefings and collaborate with other teams within RTX cybersecurity
• Lead technical discussions, projects, and debriefs with peers and senior leadership
• Develop and drive the program forward using key performance indicators, organizational key results, and other metrics
• Delegate responsibilities, hand out tasks, and lead daily threat hunt activities
• Identify opportunities for automation and content creation
• Train and mentor junior analysts

Experience/Qualifications:

The perfect candidate would have an expert knowledge and demonstrable working understanding of

• Threat hunting and content development at a global organization
• TCP/IP and how traffic navigates a network
• Security controls (firewalls, antivirus, Endpoint Detection and Response platforms, Intrusion Detection Systems, packet capture tooling, etc.) and how they can be leveraged to spot anomalies
• Cyber threat hunt methodology and how malicious activity can be identified in a network
• Malicious actors and the tools, techniques, and procedures they employ
• Why malicious actors would target an organization like RTX
• Different threat groups and the TTPs that make them unique
• Security incident and event monitoring platforms
• Log analysis and how events of interest can be linked together or corroborated
• Windows and Unix based endpoints and servers
• Cloud service providers (Azure and AWS) and how to leverage those technologies to support threat hunting
• Scripting, particularly within Python, and task automation via APIs

Education:

• BA/BS degree in Information Technology, Information Security, Computer Science, Computer Engineering, Cybersecurity, or another related field, AND 10+ years relevant work experience.
• Currently hold, or have held, a DOD 8570.01 Tier III certification

Preferred Qualification:

• Must have excellent communication skills and be able to convey technical details to audiences of differing technical aptitude
• Must be a self-starter, capable of identifying tasks and working projects with little oversight
• Candidates with previous experience supporting cybersecurity operations within a cyber fusion center are desired
• Prior experience within incident response, cyber threat hunting, or content detection development is required
• Experience using Endpoint Detection and Response platforms and other cyber threat hunt tooling is required

Location: Remote

Work Authorization: US Citizen Required

Raytheon Technologies is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.

Privacy Policy and Terms:

Click on this link to read the Policy and Terms