RTX
Senior Cyber Threat Hunter (Remote)
RTX, Hartford, Connecticut, United States
UTCT1: Corp - CT - Remote Remote Location, Remote City, CT, 06101 USA
At RTX, we're accelerating ideas to solve some of the world's biggest challenges by bringing together the brightest, most innovative minds across aviation, space and defense.

Date Posted: 2024-10-08
Country: United States of America
Location: UTCT1: Corp - CT - Remote Remote Location, Remote City, CT, 06101 USA
Position Role Type: Remote

RTX Corporation is an Aerospace and Defense company that provides advanced systems and services for commercial, military and government customers worldwide. It comprises three industry-leading businesses – Collins Aerospace Systems, Pratt & Whitney, and Raytheon.

The following position is to join our RTX Enterprise Services team:

Role Overview:
RTX is looking for a Senior Cyber Threat Hunter to join the corporate RTX Threat Hunt Team. Candidates filling this role will engage in industry-leading cyber threat hunting, across a wide array of systems, networks, and services.

What Will You Do:
- Perform threat hunts based on current cyber threat intelligence, vulnerability reports, or threat research.
- Analyze and correlate log data from multiple sources including but not limited to workstation/server operating systems, network appliances, cloud environments, and enterprise services to identify indicators of activity ranging from anomalous to malicious.
- Perform daily research to identify new tools, tactics, and procedures for threat actors and malware families.
- Support Security Operation Center and Incident Response activities during both times of crisis and when needed to support incident ticket triage.
- Craft and test scenarios for RTX’s security validation platform.
- Document hunt team findings for easy recall and to reduce duplication of effort.
- Draft and present debriefings and collaborate with other teams within RTX cybersecurity.
- Lead technical discussions, projects, and debriefs with peers and senior leadership.
- Develop and drive the program forward using key performance indicators, organizational key results, and other metrics.
- Delegate responsibilities, hand out tasks, and lead daily threat hunt activities.
- Identify opportunities for automation and content creation.
- Train and mentor junior analysts.

Qualifications You Must Have:
- Typically requires a University Degree or equivalent experience and a minimum 10 years of experience, or an Advanced Degree and a minimum 7 years experience.
- The ability to obtain and maintain a U.S. government issued security clearance is required. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance.
- Candidate must have a Minimum 5 years of experience in the following areas:
  - Cyber threat hunt methodology and how to identify malicious activity in a large and complex corporate environment.
  - Security controls (Endpoint Detection and Response platforms, Intrusion Detection Systems, Security Incident Event Management platforms, network analysis tooling, firewalls, etc.) and how they can be leveraged to identify anomalous activity.
  - Analysis of log data associated with common enterprise services including but not limited to email, identity management, remote access, databases, endpoint administration.
  - Cloud service providers (Azure and AWS) and how to effectively perform threat hunting within cloud environments.
  - Windows and Unix based endpoints and servers.

Qualifications We Prefer:
- Scripting, particularly within Python, and task automation via APIs.
- Comfortable leading others.
- Great teacher and mentor for junior analysts.
- Able to work well with others on a close-knit team.
- Excellent communication skills and be able to convey technical details to audiences of differing technical aptitude.
- Self-starter, capable of identifying tasks and working projects with little oversight.
- Candidates with previous experience supporting cybersecurity operations within a cyber fusion center are desired.
- Prior experience within incident response or cyber threat hunting.
- Experience using Endpoint Detection and Response platforms and other cyber threat hunt tooling is required.

What We Offer:
Whether you’re just starting out on your career journey or are an experienced professional, we offer a robust total rewards package with compensation; healthcare, wellness, retirement and work/life benefits; career development and recognition programs.

Work Location:
Remote

Please consider the following role type definition as you apply for this role:

Remote: This position is currently designated as remote. However, the successful candidate will be required to work from one of the 50 U.S. states (excluding U.S. Territories).

#reempowerprogram

RTX is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.