**This position is contingent based on contract award**
Are you the type of person that wants to start-up a new company in an exploding field? Raytheon has the opportunity for you. Cyber attacks are worldwide and countries/companies are looking for their partners in solving the challenging problems. Our ideal candidate is someone with great problem-solving skills, an outgoing and energetic personality, a high degree of creativity, innovation and out-of-the box thinking all with a mind for business!
Raytheon is seeking a Cyber Threat Intelligence (CTI) Lead for the design, development, integration and operations of a Security Operations Center (SOC) in Abu Dhabi, UAE . The candidate must have proven performance delivering cyber products and technical services to the MENA region. This role will be responsible for ensuring the successful integration of cyber COTS products while working with subcontractors.
This assignment may require shift work and weekend work. All candidates must be able to work 2nd and 3rd shifts. All candidates must be able to work over the weekends.
Responsibilities will include:
• Function as a subject matter expert on security threat streams and delivering all-source intelligence productions and analytical assessments.
• Gather, analyze produce and disseminate intelligence information and products as tasked.
• Produce briefings/presentations and presents information to clients, internal stakeholders and/or leadership.
• The analyst leads TI activities as a customer surrogate in support of enterprise-level cyber security incidents, provides situational awareness to appropriate personnel through clear and concise communications, and promotes a proactive response to possible threats by staying current with, analyzing, and identifying mitigations for emerging threats to the customer s IT infrastructure.
• The analyst is responsible for coordinating, refining and executing security threat intelligence analysis and production in a fast-paced and dynamic environment
• Works closely with cyber intelligence analysts, digital forensics investigators, malware engineers, Cyber Security Operations Center (CSOC) analysts, and customer leadership affected by cyber security events. The analyst must exhibit the ability to effectively coordinate and manage TI content production, personnel support, and executive-level communications. A successful track record of project management experience is desirable.
• Focusing on enterprise-level TI, responsibilities entail developing and operationalizing TI in support of CSOC investigations of suspected intrusions, pro-active management of enterprise information security resources, and the technical evaluation of enterprise networks, systems, and applications against the cyber threat and associated risk of cyber-attack.
• The individual will regularly engage with internal and external stakeholders to define intelligence requirements and develop innovative solutions that solve specified problems. The individual will support development of intelligence production standards and for seeking improvements in intelligence methodologies used for creating new solutions and analytical models.
• The Threat Intelligence Lead must possess Technical Expertise in one or more of the following areas: Network Security, Systems Security, Applications Security, Mobile Security
• 6 8 years of related experience
• Experience building, managing, and performing daily analytic tasks within Threat Intelligence (TI), Security Operations Centers (SOC), Cyber Security Operations Centers (CSOC), and Cyber Incident Response Teams (CIRT);
• A clear knowledge of TI processes from a practitioner s perspective;
• An understanding of how to effectively lead teams within fast paced, ever-changing cyber operations environments;
• A forward thinking view of how TI processes and systems integrate across a CSOC organization to drive cyber operations by providing situational awareness of, and enabling active defense against cyber threats;
• Expert knowledge of threat hunting practices, including threat modeling and content development for analysis and presentation through Splunk;
• A service-first work ethic, focused on ensuring customer success;
• A mentor leadership style, focused on the continual development and growth of junior analysts;
• Self-driven and fully accountable for independent effort performed as part of a geographically dispersed team;
• Excellent communication and presentation skills, with demonstrated ability to effectively present analytical data to a variety of technical and non-technical audiences;
• Demonstrated ability to establish well-defined procedures and appropriate network mitigations strategies derived from post incident analysis and lessons learned;
• Able to lead teams developing and operationalizing TI, consisting technical personnel directly supporting incident response, system owners, and executives.
• Solid understanding of information security concepts, tools, and techniques;
• Advanced knowledge of networking concepts and web technologies;
• Advanced knowledge of Windows, UNIX / Linux, and OS X operating systems.
• Ability and willingness to share on-call responsibilities and work non-standard hours
• Experience in Devops/Agile practices and ITIL practices
• Familiarity with common network vulnerability/penetration testing
• Working knowledge of Computer Network Exploitation (CNE), Computer Network Attack (CNA) and Computer Network Defense (CND) tools and techniques;
• Experience as a mid-to-senior level intelligence analyst, regardless of intelligence domain;
• A deep understanding of advanced cyber threats targeting enterprises, along with the tools, tactics, and procedures used by those threats;
• Experience performing system, network, application, and malicious code analysis;
• Experience applying threat and data modeling, advanced data correlation, and statistical analysis to develop alerts, notable events, investigative dashboards, and metrics driven reports in Splunk;
• Track record of technical publication and presentation of information security topics;
• C|EH, GCIH, CISSP or equivalent certification.
• Bachelor s degree in Computer and Information Systems, Engineering, Science, or Mathematics or equivalent related experience may be considered in lieu of a degree.