Cyber Security Forensic Analyst
Morrisville, North Carolina
How do you protect against those with bad intentions? You create innovative technical processing solutions and collaborate with some of the finest talent in the IT field. Whether you’re an Information Systems Technologist or an Encryption Strategy Expert, at Raytheon you’ll grow a varied and rewarding career. And you’ll be supported with a comprehensive and competitive benefits package that promotes work/life balance. If you’re ready to take on today’s big challenges, discover a world of opportunity at Raytheon.
- America’s Best Large Employers by Forbes
- Career & Development Opportunities
- Entry, Mid, Senior
Raytheon is looking to hire an individual who will join the security team of a major nationwide organization, with thousands of sites, to continually improve its complex multi-protocol nationwide network.
An experienced Cyber Forensic Analyst is needed to support the customer team in Morrisville, N.C.
This can be a G08 or G09, depending on candidate qualifications.
Job Responsibilities will include:
- Conducts analysis of cybercriminal entities' use of technology to target, collect, and exploit customer information and information systems, personnel, and operations.
- Participate in security education programs and briefings
- Performs open source research to enable and facilitate the identification of cybercriminals, tools and techniques.
- Utilizes understanding of attack signatures, tactics, techniques and procedures associated with advanced threats
- Delivers reports, briefings, and assessments to customers and leadership, facilitating understanding of cyber threat entities and environments
- Prepares and presents briefings as subject matter expert as required
- Develops and maintains relationships with U.S. Government agencies and personnel involved in cybercriminal analysis and investigations to discuss mutual problems and requirements.
- Acquire and parse static and volatile digital evidence; with emphasis on Windows Operating systems and internet of things (IOT) devices
- Performs forensic examinations on mobile devices; to include but not limited to identifying user and malware activity
- Conducts intrusion forensics to identify user and or malware activity in any of the following areas: malware persistence, evidence of program execution, evidence of historical data
- Performs Host and Application Event Log Analysis to determine user and or malware activity
- Investigates registry artifacts created by malware and or user activity
- Examines third party browser forensics and browser artifacts; to include but not limited to Internet Explorer, Chrome and Firefox.
- The position requires U.S. Person status or a Non-U.S. Person be eligible to obtain Authorization.
- 4+ years work experience in a cyber security role; with special emphasis in any of the following areas: Cyber Security Operation Center (CSOC), Threat Hunting, Threat Intelligence, Threat Monitoring, and/or Incident Response
- Strong understanding of forensic methodology and incident response framework
- Expertise with investigating artifacts created by user and or malware activity on current Windows operating systems
- High proficiency in windows filesystem and time structure; can identify how artifacts are modified and is able to perform timeline analysis
- Possess a strong working knowledge of all Microsoft applications (i.e., Word, Excel, PowerPoint, and Access)
- Able to communicate effectively orally and in writing to include investigative reports
- Must be able to work independently and as a member of a team
- Must be on call after work hours for any incident response emergency
- Excellent communication and interpersonal skills
- Experience using Cellebrite for mobile device investigation is highly desired
- Experience using EnCase Forensic 7 or 8 is highly desired
- Experience using Digital Intelligence FRED Forensic Workstation is highly desired
- Understanding with cyber security development projects and programs for U.S. Government and/or commercial clients
- Involvement with process development and deployment
- Knowledge in information technologies to include computer hardware and software, operating systems, and networking protocols
- Experience performing network traffic analysis
- Experience using Splunk and or ELK Stack for analysis
- Experience developing and deploying forensic triage kits
Bachelor’s Degree in related field Two years of related work experience may be substituted for each year of degree level education.
Any one of the following certifications:
- SANS -- GIAC Certified Forensic Examiner (GCFE)
- SANS -- GIAC Certified Forensic Analyst (GCFA)
- SANS -- GIAC Advanced Smartphone Forensics (GASF)
- EnCase – Certified Forensic Security Responder (CFSR)
Business Unit Profile
Raytheon Intelligence, Information and Services delivers innovative technology to make the world a safer place. Our expertise in cyber, analytics and automation allow us to reach beyond what others think is possible to underpin national security and give our global customers unique solutions to solve the most pressing modern challenges -- from the cyber domain to automated operations, and from intelligent transportation solutions to creating clear insight from large volumes of data. IIS operates at nearly 550 sites in 80 countries, and is headquartered in Dulles, Virginia. The business area generated $6.1 billion in 2017 revenues. As a global business, our leaders must have the ability to understand, embrace and operate in a multicultural world -- in the marketplace and the workplace. We strive to hire people who reflect our communities and embrace diversity and inclusion to advance our culture, develop our employees, and grow our business.
Public Trust Current
Computer/Management Information Systems
Type Of Job
NC - Morrisville
Raytheon is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.
What does it take to be successful at Raytheon? Check out these traits to see if you have the right mix.
- Team player
Luke is a Global Business Services IT Intern on the Integrated Logistics Support Finance team. He’s working on redesigning a dashboard that Raytheon financial analysts use to track the metrics, progress, and critical components that are used for all products manufactured in Andover, Massachusetts.
401(k) / Retirement Plans
Employer Matching, if you elect to enroll company matches up to 3%.
Work / Life Balance
Raytheon supports a variety of flexible work arrangements including compressed work weeks, flextime, job sharing, 9/80, reduced hours and telecommuting.
At Raytheon, we foster an inclusive culture of professional development. We support a variety of developmental opportunities including: Mentoring programs, Skills Development, Leadership Development, Rotational job assignments, and Continuous Improvement, all of which contribute to advancement of our employee’s capabilities.
Paid Time Off
Accrue paid time off monthly. Receive 10-12 holidays per year with some locations shutting down the week between Christmas and New Year’s Day.
Select technical positions are eligible for relocation packages. See specific job description for eligibility requirements.
Raytheon offers all eligible employees up to three weeks paid parental leave for the birth or adoption of a child (separate from paid maternity leave or Family & Medical Leave Act).