IT Security Operations Engineer Job in Tewksbury, Massachusetts US
Raytheon is seeking a talented IT Security Professional with a multi-disciplined background to join our cutting-edge Cyber Threat Operations team. This position is within our Information Security Operations Infrastructure team, directly supporting our advanced Cyber Threat Operations defensive initiatives.

Responsibilities include:
- Required experience in a broad range of related technologies such as Intrusion Detection and Prevention Systems (IDS/IPS), log analysis, malware analysis, understanding network traffic flow, network traffic and packet analysis.
- Ability to develop, assess the viability of and manage deployment of intrusion detection signatures in a large-scale production IDS environment.
- Maintain and support defensive security infrastructure in direct support of our Security Operations Center (SOC) and Cyber Threat Operations group as a whole.
- Assist in advanced network security assessments and intrusion analysis (Tier 3/4), with an eye towards identifying causal events or instrumenting new signatures or detection mechanisms to detect and prevent future incidents.
- Maintain and continually evaluate cyber threat intelligence sources for changes that increase overall effectiveness and timeliness.
- Ability to comprehend complex regular expressions and develop new ones based on indicators of compromise.
- Analyze output from various security devices, incidents, and malware reports to devise new and creative ways of detecting and stopping future incidents.
- Evaluate, recommend and implement new monitoring technologies, processes and methodologies that directly intertwine with monitoring a large enterprise.
- Ability to write custom tools, and/or modify existing tools used for specialized detection and integration of multiple products together for seamless security functions, is a definite plus.
- Ability to work with various internal organizations to gather data and formulate mitigation plans needed for effective and real-time incident response.
- Report findings, and provide countermeasure recommendations and business cases based on standard security principles, policies, standards and industry best practices.
- Ability to work with limited direct supervision.
- Excellent oral and written communication skills.
- This position may require participation in an on-call rotation.

Required Skills, Knowledge and Experience:
- Bachelor's degree or equivalent experience, and 4+ years applicable work experience.
- At least 4 years experience in information security.
- Conversant with security concepts and techniques.
- Demonstrable knowledge of networking (TCP/IP, topology, and security), operating systems (Windows/UNIX), and web technologies (Internet security).
- Ability to read and understand system data, including, but not limited to, security event logs, Netflow, SNMP Traps and database structures.
- Ability to administer both Windows and Linux systems with understanding of file systems, RAID and OS internals.
- Experience with analyzing forensic data concerning system and network security compromises.
- Hands-on administrative experience with major operating systems.
- Familiar with the use of tools used for security analysis (tcpdump, Wireshark, snort, ngrep, nmap, strings, hexdump, md5sum, systools).
- Experience with Security Event Incident Management, Log Correlation and Network Behavior Anomaly detection systems (ArcSight, QRadar, Splunk, Mazu, Arbor, etc.).
- Understanding of IDS systems (SNORT/SourceFire, Proventia, BroIDS, etc.).

Additional Experience/Skills, considered a plus:
- Programming skills, including Perl, Python, shell, Java and SQL, plus web programming skills (for example, ASP, JavaScript, ColdFusion) for the development of tools specific to our environment.
- Computer Forensics and Incident Handling experience.
- GCIH, GCIA, GCWN, GCFA, GPEN, GCUX, CISSP certifications or similar.

Required Education (including degree):
Bachelor's degree in Computer Science, Computer Engineering, Information Systems/Technology, Electrical Engineering or other related technical field or equivalent experience.

Raytheon is an equal opportunity employer and considers qualified applicants for employment without regard to race, color, creed, religion, national origin, sex, sexual orientation, gender identity and expression, age, disability, or Vietnam era, or other eligible veteran status, or any other protected factor.