Sign Up Sign Up Log In Sign Up
This job has expired and you can't apply for it anymore. Start a new search.

CSOC Analyst Tier 3

CSOC Analyst Tier 3 (10-15 Yrs Exp Required)
Support a proprietary customer contract to enable mission accomplishment by analyzing all relevant cyber security event data and other information sources for suspicious network traffic, attack indicators and potential security breaches; produce reports, assist in coordination during incidents. In support of the customer’s strategic direction, key individuals support the Cyber Security Operations Center (CSOC) employing innovative technologies and techniques.

Job Description:
Looking for a qualified individual who can support the intrusion detection system aspects for the Monitoring & Vulnerability Analysis Team as a CSOC Analyst Tier 3 by applying an advanced knowledge of information security services/analysis concepts, practices and procedures. Support will include providing oversight and guidance of analysts for detecting and evaluating intrusions.

Assess information network threats such as computer viruses, exploits, and malicious attacks; operate vulnerability assessment equipment in support of intrusion analyses
Determine true threats, false positives and network system mis-configurations and provide solutions to issues detected in a timely manner.
Monitor for potential compromise, intrusion, deficiency, significant event or threat to the security posture and security baseline. Follow intrusion and escalation processes and procedures.
Integrated Defense System/In Plane Switching (IDS/IPS) Signature Analysis, Development and Testing
Tune IDS/IPS Systems
Security Information Event Manager (SIEM) content Analysis, Development and Testing
Web Content Filtering Analysis, Development and Testing
Tune IDS/IPS Systems
Development of standard operating procedures and other technical documentation for the IDS infrastructure.
Keep abreast of developments in field of expertise to ensure knowledge base remains current.
Routinely provide guidance to and assists in the training of less experienced staff.

Required Skills:
Existing Level 6: Public Trust - High Risk Background Investigation
US Citizenship
Willing to work rotating shifts
10-15 years of experience in systems cyber security analysis
Working knowledge of network security management and operations
Experience in the detection, response, mitigation, and/or reporting of cyber threats affecting client networks and one or more of the following:
Experience in computer intrusion analysis and incident response
Intrusion detection
Knowledge and understanding of network devices, multiple operating systems, and secure architectures
Working knowledge of network protocols and common services such as DNS, FTP, email, CP/ICMP/UDP
System log analysis
Current experience with network intrusion detection and response operations (Protect, Defend, Respond and Sustain methodology)
Experience managing, responding to and resolving situations caused by network attacks
Experience using current monitoring technologies such as: SourceFire-SNORT, ArcSight, or NetScout etc.
Current experience with cyber threats and their associated tactics, techniques, and procedures
Ability to assess information of network threats such as scans, computer viruses or complex attacks
Demonstrated ability to document processes
SIEM experience with ArcSight ESM and Logger
Working knowledge of network protocols and common services such as DNS, FTP, email, CP/ICMP/UDP
Hands-on experience with NIDS (Network IDS) and HIDS (Host based IDS)
Must be able to work collaboratively across cyber threat teams and effectively communicate both written and orally
Proficiency with MS Office Applications
Experience with information network software and hardware
Strong understanding and working knowledge of current country and/or Intel security regulations, directives, and policies
Working knowledge of WAN/LAN concepts and technologies
Working knowledge of Linux/Unix, including scripting, and basic system administration.
Knowledge of signature development
IDS/IPS Signature Analysis, Development and Testing
SIEM content Analysis, Development and Testing
Familiarity with packet analysis to include:
HTTP Headers & Status codes
SMTP Traffic & Status codes
FTP Traffic & Status Codes
DNS Queries
PKI Certificate Exchange

Desired Skills:
Ability to speak and read English
Experience with firewalls, routers or antivirus appliances a plus
Experience working on a 24x7x365 operations center environment
Experience with ArcSight SIEM tool is a plus
Experience with CA Service Desk Manager
Demonstrated advanced understanding and in-depth knowledge of regular expressions
Demonstrated advanced understanding and in-depth knowledge of scripting languages (perl, python, javascript, etc.)
Demonstrated experience in Security Information Event Management (SIEM) and Intrusion Prevention System (IPS) tools
Experience establishing and maintaining good working relationships in all levels of the organization, including customers, organizations, internal management, and support organizations
Prior experience working in one of the following is highly desired:
Security Operations Center (SOC)/Network Operations Center (NOC)
Computer Emergency/Incident Response Team (CERT/CIRT)

Desired Certifications:
Certified Information Systems Security Professional (CISSP) or
GIAC Certified Incident Handler (GCIH) or
GIAC Certified Enterprise Defender (GCED) or
GIAC Security Expert (GSE) or
Certified Information Security Manager (CISM)
Certified Ethical Hacker (CEH) or GIAC Intrusion Analyst (GCIA)
ArcSight Security Analyst Certification

Required Education (including Major):
Bachelor of Science Degree with a major in Computer Science/Computer Engineering, Engineering, Science or a related field. The candidate must have a minimum of 15+ years of experience or equivalent education with experience.


Raytheon is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, age, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.

Company Name:
Security Clearance:
Public Trust
Bethesda, Maryland
United States
Not Specified
Job Number:

Send me email alerts for similar jobs