Monitoring and Detection Level 2 Analyst

Date Posted: 2021-08-03-07:00 Country: United States of America Location: HIA32: Cedar Rapids, IA 400 Collins Rd NE , Cedar Rapids, IA,...

Date Posted:

2021-08-03-07:00

Country:

United States of America

Location:

HIA32: Cedar Rapids, IA 400 Collins Rd NE , Cedar Rapids, IA, 52 USA

As a Monitoring and Detection Level 2 Analyst the responsibilities are varied and include investigation of anomalous network activity and responds to cyber incidents within the network environment and/or enclave. Collects data from a variety of tools, including intrusion detection system alerts, firewall and network traffic logs, and host system logs to analyze events that occur within their environment. Provides persistent monitoring of all designated networks, enclaves, and systems. Interprets, analyzes, and reports all events and anomalies in compliance with company policy and external regulations. Continuously works to tune security tools to minimize false positives and maximize detection and prevention effectiveness. Collaborates with the owners of cyber defense tools to tune systems for optimum performance. Analyzes malware and attacker tactics to improve network detection capabilities. Collaborates with external companies or government agencies to share open source or classified intelligence. Distributes vulnerability and threat advisories to identified consumers and may set mandatory remediation timelines. This individual can sit at any Collins Aerospace domestic location or remote.

Primary Responsibilities:

* Identify, contain, mitigate, recover, and report on cyber-security incidents affecting the enterprise, business, and subsidiary networks globally.
* Analyze and investigate adverse events and incidents using an enterprise security information and event monitoring (SIEM), logs from firewalls, IDS/IPS, proxies, servers, endpoints and other network devices to determine threats, attack vector, scope of activity, and appropriate response.
* Collaborate and coordinate with peers and stakeholders across global functional and business unit teams as needed to analyze and respond to adverse events and incidents.
* Research the latest threat intelligence, vulnerabilities, exploits, and other relevant threat information and trends on various attackers and attack infrastructure.
* Collaborate with other teams within Enterprise IT Security to improve detection and monitoring, develop cyber defenses, and perform advanced network and host analysis.
* Utilize cyber security tools to actively hunt for threats in the enterprise network.
* Ability and willingness to share on-call responsibilities, and work non-standard hours as needed.

Basic Qualifications:

* Bachelor's degree and 5 years of prior relevant experience OR Advanced Degree in a related field and minimum 3 years experience OR In absence of a degree, 9 years of relevant experience is required.

* Must be a U.S. Citizen.

* Must have or be capable of obtaining a US Department of Defense (DoD) security clearance. Candidate selected will be subject to a government security investigation/reinstatement and must meet eligibility requirements.

* Must be willing and able to travel 25% of the time domestic and globally, short notice, as required.

* Experience of interfacing with Incident Response and knowledge of the IR lifecycle.

* Proven experience and knowledge of advanced and persistent threats.

* Capability of operating independently and in a team environment as is part of a geographically dispersed virtual team with minimal supervision.

* Proficiency with MS Office Applications

* Proven ability to troubleshoot and solve technical issues

Candidate must have technical experience in the following areas:

* Working knowledge of systems, networking, and web technologies.
* Familiarity with searching, interpreting and working with data from enterprise logging systems (e.g. SIEM, syslog, netflow, DNS, IDS/IPS, proxy, email, server and system logs)
* Knowledge of TCP/IP protocols and data communications schemes.
* Experience with packet analysis to include:
* HTTP Headers and Status Codes
* SMTP Traffic & Status codes
* FTP Traffic & Status Codes
* DNS Queries
* PKI Certificate Exchange
* Understanding of social engineering techniques. (e.g., phishing, baiting, tailgating, etc.).
* Knowledge of vulnerabilities, and vulnerability scanning tools.
* Understanding in malware types (e.g. virus, worm, RAT, etc) containment, traffic analysis, and mitigation of malware threat

Preferred Qualifications:

* Understanding of Cyber Kill Chain, Mitre Att&ck, and Diamond Model.
* Experience in malware triage analysis and/or sandboxing
* Host based forensics using EnCase, FTK or other digital forensics tools
* Scripting languages such as Python, Perl, and PowerShell
* Experience with assessing security controls based on cybersecurity principles and tenets. (e.g., CIS CSC, NIST SP 800-53, Cybersecurity Framework, etc.).
* Excellent social, written and verbal communication skills; must be able to clearly and concisely present analytical data to a variety of technical and non-technical peers, and management of all levels.
* Proactive, self-driven and fully accountable for independent performance.
* Strong process orientation and ability to develop, document, and follow standard work; attention to detail.
* Organizational skills to manage multiple competing priorities and deadlines in a fast-paced working environment.

Possess at least one relevant professional designation or related advanced IT certification, but not limited to the following will be considered an advantage:

* GIAC Certified Incident Handler (GCIH)
* GIAC Certified Enterprise Defender (GCED)
* GIAC Security Expert (GSE)
* Certified Information Systems Security Professional (CISSP)
* GIAC Certified Intrusion Analyst (GCIA)
* GIAC Network Forensics Analysts (GNFA)
* GIAC Reverse Engineering Malware (GREM)
* Certified Ethical Hacker (CEH)
* Microsoft Certified Solutions Expert (MCSE)
* Red Hat Certified Engineer (RHCE)

Collins Aerospace, a Raytheon Technologies company, is a leader in technologically advanced and intelligent solutions for the global aerospace and defense industry. Collins Aerospace has the capabilities, comprehensive portfolio and expertise to solve customers' toughest challenges and to meet the demands of a rapidly evolving global market. Do you want to be part of a new, exciting initiative to combine foundational IT with new digital technologies? Our Digital Technology team is driving business efficiencies and a better customer experience by connecting technologies, people, information and processes. From making aircraft more electric, intelligent and integrated to building new software platforms such as Internet of Things, big data, artificial intelligence, and blockchain, there's no better place to be right now than in digital. If you're an agile thinker who enjoys utilizing modern technology to make big improvements, then you're a perfect fit for this team. Join Collins Aerospace to help us revolutionize the aerospace industry today! Collins Aerospace Diversity & Inclusion Statement: Diversity drives innovation; inclusion drives success. We believe a multitude of approaches and ideas enable us to deliver the best results for our workforce, workplace, and customers. We are committed to fostering a culture where all employees can share their passions and ideas so we can tackle the toughest challenges in our industry and pave new paths to limitless possibility. WE ARE REDEFINING AEROSPACE.

Some of our competitive benefits package includes:

* Medical, dental, and vision insurance
* Three weeks of vacation for newly hired employees
* Generous 401(k) plan that includes employer matching funds and separate employer retirement contribution, including a Lifetime Income Strategy option
* Tuition reimbursement
* Life insurance and disability coverage
* Optional coverages you can buy: Pet Insurance, Home and Auto, additional life insurance, accident insurance, critical illness insurance, group legal
* Ovia Health, fertility and family planning
* Employee Assistance Plan, including up to 5 free counseling sessions
* Redbrick - Incentives for a Healthy You
* Autism Benefit
* Doctor on Demand, virtual doctor visits
* Adoption Assistance
* Best Doctors, second opinion program and more!

Nothing matters more to Collins Aerospace than our strong ethical and safety commitments. As such, all U.S. positions require a background check, which may include a drug screen.

Note:

* Background check and drug screen required (every external new hire in the U.S.)
* Drug Screen only performed on re-hires who have been gone for more than 1 year

At Collins, the paths we pave together lead to limitless possibility. And the bonds we form - with our customers and with each other -- propel us all higher, again and again.

Apply now and be part of the team that's redefining aerospace, every day.

Raytheon Technologies is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.

Privacy Policy and Terms:

Click on this link to read the Policy and Terms