Security Analyst 124091BR
About Raytheon ACS
Raytheon ACS takes a strategic approach to cyber security, enabling organisations to optimise their network security investment while taking a proactive approach to protecting their most important information assets from potential threats. ACS provides organisations with the full life cycle of Information Security Services including SOC operation services, architecture and engineering, assessments, training, as well as technology solutions, implementation and integration.
Our solutions include a combination of software, services and education to help mitigate information security risks that are a part of today's business world. ACS’ Virtual SOC (V-SOC) solution is a next generation approach to traditional managed services. While ensuring all customer data remains on premise at their facilities we use our client's existing security infrastructure and integrate our US patent pending ATIP (Automated Threat Intelligence Platform) to identify critical Indicators of Compromise (IoC). This allows our customers to exploit our expertise and experience where they need it most - in diagnosing and responding to real incidents occurring within their network infrastructure. Our incident response and forensics capabilities are exceptional and are used by many Fortune 500 organisations as well as a range of US Government agencies.
About the position
At ACS, we pride ourselves on having the most highly-skilled Security Professionals in the industry. Regardless of technology or process specialisation, every Analyst is trained in the fundamentals of network security monitoring, investigative process, and incident response, and they must demonstrate mastery of these concepts on a daily basis. Our Analysts learn and do more in one year than most do in five and as a result, often have opportunities to work with customers in varying industries, regions and roles as our analysts progress within the team.
The successful candidate will be responsible for proactive monitoring and threat hunting within Raytheon customer environments, utilising diverse data feeds such as logs, full packet capture and endpoint forensic capabilities. You will be well versed in traditional SIEM incident triage and investigation processes and have a desire to see beyond the alerts and hunt across big data sets searching for anomalies and indicators of attack (IoA).
As an Analyst within the Raytheon ACS VSOC you will already possess expert knowledge of Incident handling and response and be well versed in enterprise security solutions such as IPS/IDS, SIEM, AV and Packet Capture. The successful candidate will have solid knowledge in these areas and be actively looking to expand their skill set to develop towards a more senior or consulting role.
Upon detection of Incidents, you will work with clients to provide clear Incident reports and timelines to enable them to execute successful Incident Response. Where required you will support Raytheon UK’s professional services team, delivering Incident Response/Blue Team services to clients on demand.
You will form part of an elite team within Raytheon UK and therefore will represent Raytheon and it’s interests and be the face of Raytheon to our UK clients. You will therefore deliver clear and accurate incident reports to customers and articulate incident particulars during time sensitive situations.
Successful candidates will also be hands on with investigations and need to be able to present data from investigations to a room of board level executives. Working for Raytheon ACS Security you will be part of a growing team, working alongside world class partner organizations.
Raytheon and ACS take pride in recruiting the best people in the industry. VSOC analysts are no different. Successful candidates will understand not just the theory of what attackers do, but possess the skills to perform attacks themselves to understand the audit trail left behind and how attacks can be detected. The ideal candidate will be an experienced analyst with aspirations for continued professional development, an interest in engaging with other teams and where rarely required, be able work on short term engagements on customer sites in the UK, Middle East and North America.
Main duties of the position
Primary Objective: To proactively monitor and hunt through customer environments to detect and respond to information security threats.
· Responsible for simultaneous multiple incident investigations and monitoring
· Responsible for escalation to VSOC Senior Analysts
· Responsible for providing reports to clients and Senior Analysts
· Responsible for supporting Incident Response teams, both inside customer environments
· Identify issues related to tools, processes and environments
· Keep abreast of relevant technology changes, threats, vulnerabilities and industry developments/current events
· Keep abreast of relevant geopolitical and industry developments which might influence attacks and threat actors motivations
· Develop professional skill to progress to other duties such as Senior Analyst and consultant.
The suitable candidate must have demonstrable experience as a Security Analysts or Senior Analyst within either a government or commercial environment. Advanced knowledge of IT security best practice, common attack types and detection / prevention methods including:
- Web attacks,
- Malicious code,
- Obfuscation (and associated techniques of AV & IPS/IDS evasion.),
- Snort/FireSight/SourceFire & Similar Products
- PII breach,
- Directory Traversal,
- SQL Injection,
- (D)DoS ((Distributed)Denial of Service)
- Experience with at least one of the following SIEM/NSM tools and the terminology associated with them:
- McAfee NSM,
- Trend Micro Deep Security.
- Lead on major Incidents
- Mentoring/Developing Junior Analysts
- Developing processes/work instructions
- At least one of the following Professional certifications:
- CREST – CRIA, CCHIA, CCNIA
- SANS Certified Intrusion Analyst (GCIA)
- Certified Incident Handler (GCIH)
- CCNA R&S/Security
- Vendor Specific SIEM Certification
- Previous experience of working within a commercial environment
- Certified Information Systems Security Professional (CISSP)
- Experience with ISO27001 standards and ITIL framework.
- Strong understanding of penetration testing methodologies
- Excellent interpersonal skills for customer liaison
- Excellent written and oral communication skills
- An inquisitive mind and a desire to promote innovation
- A desire to learn and constantly expand your horizons
- Ability to work closely with others in a small team
- Ability to work under pressure High degree of initiative and flexibility
- Willingness to travel if required
- Ability to work independently
Raytheon Career Development
Raytheon has a wealth of resources available to help you develop your career from the moment you join.
- 25 days holiday
- Annual Bonus
- Car Allowance
- Contributory Pension Scheme
- Life Assurance
- Flexible Benefits
- Enhanced sick pay scheme