Cyber Network Forensic Analyst Iii - Arlington, United States - Raytheon

Raytheon

Verified Company

Arlington, United States

3 weeks ago

Posted by:

Mark Lane

beBee recruiter

Description

Date Posted:

Country:

United States of America

Location:

VA149: 1110 N Glebe Road Arlington 1110 North Glebe Road Suite 630, Arlington, VA, 22201 USA

Position Role Type:

Hybrid

You have been redirected to RTX's career page as we have recently transitioned from RTX to become a standalone company, which provides us with greater autonomy and opportunities for growth.

As a prospective employee of Nightwing, you'll have the chance to contribute to our continued success and shape the future of our cybersecurity, intelligence, and services offerings.

Previously part of a leading Fortune 100 company and headquartered in Dulles, VA; Nightwing became independent in 2024 but continues to support the nation's most mission impactful initiatives.

When we formed Nightwing, we brought a deep set of credentials and an unfaltering commitment to the mission.

For over four decades, our team has been providing some of the world's most technically advanced full-spectrum cyber, data operations, systems integration and intelligence support services to the U.S.

government on its most important missions.

At Nightwing, we value collaboration and teamwork. You'll have the opportunity to work alongside talented individuals who are passionate about what they do. Together, we'll leverage our collective expertise to drive innovation, solve complex problems, and deliver exceptional results for our clients.

Thank you for considering joining us as we embark on this new journey and shape the future of cybersecurity and intelligence together as part of the Nightwing team.

Nightwing business provides technically advanced full-spectrum cyber, data operations, systems integration and intelligence mission support services to meet our customers' most demanding challenges.

Our capabilities include cyber space operations, cyber defense and resiliency, vulnerability research, ubiquitous technical surveillance, data intelligence, lifecycle mission enablement, and software modernization.

Nightwing brings disruptive technologies, agility, and competitive offerings to customers in the intelligence community, defense, civil, and commercial markets

The DHS's Hunt and Incident Response Team (HIRT) secures the nation's infrastructure. HIRT provides DHS's front-line response for cyber incidents and proactive hunting for malicious cyber activity. Nightwing provides support for on and offsite incident response to Government agencies and critical infrastructure owners who experience cyber-attacks.

Nightwing provides HIRT advanced technical assistance, proactive hunting, rapid onsite incident response, and immediate investigation, using host and network-based cybersecurity analysis capabilities.

Personnel perform investigations to characterize the level of severity of breaches and develop mitigation/remediation plans. CIS is seeking Network Forensics Cybersecurity Analysts to support this critical customer mission.

Responsibilities:

Assists the Government lead in coordinating teams in preliminary incident response investigations
Assists the Government lead with interfacing with the customer while on site
Determines appropriate courses of actions in response to identified and analyses anomalous network activity
Assesses network topology and device configurations identifying critical security concerns and providing security best practice recommendations
Assists with the writing and publishing of Computer Network Defense guidance and reports on incident findings to appropriate constituencies
Collects network intrusion artifacts (e.g., PCAP, domains, URI's, certificates, etc.) and uses discovered data to enable mitigation of potential Computer Network Defense incidents
Analyzes identified malicious network activity to determine weaknesses exploited, exploitation methods, effects on system and information
Collects network device integrity data and analyze for signs of tampering or compromise
Assists with realtime CND incident handling (i.e., forensic collections, intrusion correlation and tracking, threat analysis, and advising on system remediation) tasks to support onsite engagements

Required Skills:

U.S. Citizenship
Must have an active TS/SCI clearance
Must be able to obtain DHS Suitability
8+ years of directly relevant experience in network investigations
In depth knowledge of CND policies, procedures and regulations
In depth knowledge of TCP/IP protocols
In depth knowledge of standard protocols
ICMP, HTTP/S, DNS, SSH, SMTP, SMB, NFS, etc.
In depth knowledge and experience of Wifi networking
In depth knowledge and experience of network topologies
DMZ's, WAN's, etc.
Substantial knowledge of Splunk (or other SIEM's)
Understanding of MITRE Adversary Tactics, Techniques and Common Knowledge (ATT&CK)
Knowledge of Computer Network Defense policies, procedures, and regulations
Knowledge of defenseindepth principles and general attack stages with resp