Sr. Cyber Detection Engineer

Businesses: Raytheon Technologies Corporate | Job ID: 01413588 | Date posted: 11/04/2020 | City: Farmington | State: Connecticut | Country: United States

Date Posted:

2020-11-03-08:00

Country:

United States of America

Location:

UT6: 4 Farm Springs 4 Farm Springs Road, Farmington, CT, 06032 USA

Raytheon Technologies

Raytheon Technologies Corporation is an aerospace and defense company that provides advanced systems and services for commercial, military and government customers worldwide. It comprises four industry-leading businesses – Collins Aerospace Systems, Pratt & Whitney, Raytheon Intelligence & Space and Raytheon Missiles & Defense. Its 195,000 employees enable the company to operate at the edge of known science as they imagine and deliver solutions that push the boundaries in quantum physics, electric propulsion, directed energy, hypersonics, avionics and cybersecurity. The company, formed in 2020 through the combination of Raytheon Company and the United Technologies Corporation aerospace businesses, is headquartered in Waltham, Massachusetts.

Job Description

Summary of Role:

We're looking for a highly motivated individual with an impeccable work ethic and a strong ability to work in a collaborative fast-moving dynamic team environment. The Cyber Detection Engineer will be responsible for planning, design, implementation and support for various Detection, SIEM & SOC/IR related tooling. The role will include maintaining stability of these various platforms and applications, ensuring operational readiness, maturing detection capabilities & developing detection logic. In addition, the Cyber Detection Engineer will coordinate with other Cyber functions, cloud brokers, app developers, and BU consumers to translate architecture and functional requirements into effective solutions that support Detection, SIEM & SOC/IR capabilities within Cyber Threat Operations. The team also provides support to all investigations, incident response and IT activities as needed.

Responsibilities:

  • Partner with Corporate SOC/IR and various BU consumers to define appropriate log visibility & detection related gaps to continuously improve cyber detect & respond capabilities.
  • Provide senior-level guidance, mentorship & direction for SIEM & Detection related efforts.
  • Assist in planning, building & implementing a global Cyber Automation Engineering, Detection & SIEM service supporting 24/7 Cyber Threat Operations.
  • Lead & provide guidance on projects to patch, upgrade, and extend SIEM platforms & related SOC/IR tooling.
  • Lead continuous improvement efforts to evaluate SIEM detection capabilities & related SOC/IR tooling efficiency and efficacy to drive continuous detect & respond maturity.
  • Develop, implement, document and maintain SIEM & Detection engineering tooling management controls, standard operating procedures, narratives and test scripts.
  • Provide administration & support functions for other Cyber Automation Engineering platforms, tooling & services, as needed.
  • Troubleshoot & actively monitor SIEM platforms & SOC/IR tooling including: hardware, operating system, and applications.
  • Participate in a 24/7 on-call rotation.

Experience/Qualifications:

  • 7 - 10+ years' experience in a SIEM-related engineering role (e.g. Splunk, etc.).
  • Experience capturing Cyber detection requirements, baselining detection logic and implementing proactive Splunk monitoring and alerting capabilities utilizing Splunk CIM data models.
  • Experience creating and managing Splunk knowledge objects (field extractions, macros, event types, etc.).
  • Experience on-boarding a wide variety of Enterprise data sources into Splunk, normalizing data, analyzing the data for anomalies and trends, and building dashboards highlighting the key trends of the data.
  • Experience utilizing both pre-built dashboards/add-ons within Splunk system and customized Splunk dashboards and search queries.
  • Hands-on exposure to shell scripting and Unix/Linux/Windows System Administration.
  • Experience in leveraging REST API interfaces for integration purposes.
  • Understanding of cyber security concepts and the ability to mentor & train junior analysts/engineers.
  • Aptitude for troubleshooting, creative thinking, and problem solving.
  • Displays a sense of urgency to resolve issues quickly and efficiently.
  • Exhibits initiative and ability to quickly acquire knowledge.

Education: 

10 Years Experience with BS or BA Degree in a technical program desired

Or Advanced Degree with 7 years experience desired

Preferred Qualifications:

  • Experience implementing, deploying & maintaining Splunk Enterprise Security a plus.
  • Experience creating sophisticated security detection signatures utilizing multiple data sources & Splunk ES data models.
  • Experience with utilizing configuration automation/orchestration tools (Ansible, Chef, Puppet).
  • Experience automating Splunk maintenance tasks a plus.
  • Exhibits understanding of & production use of DevOps methodologies, especially Agile.
  • Proficient in scripting in at least one modern Object Oriented Programming/scripting language (e.g. Python, Go, etc.) a plus.
  • Thorough knowledge of Regular Expressions.
  • Experience using & implementing solutions using public cloud platforms (AWS, Azure, GCP).
  • Information Security and IT certifications: GIAC, CompTIA, CISSP, Cisco, Red Hat, AWS, etc.
  • Advanced Splunk certifications (Admin & Architect a plus).

Location:

  • Primary location Farmington, CT; Remote candidates welcome

Required Immigration Status:

  • US Citizen or US Person required.
  • This position requires the eligibility to obtain a U.S. security clearance. Except in rare circumstances, only U.S. citizens are eligible for a security clearance.

Raytheon Technologies is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.
