Vacancy expired!
Investigates anomalous network activity and responds to cyber incidents within the network environment or enclave. Collects data from a variety of tools, including intrusion detection system alerts, firewall and network traffic logs, and host system logs to analyze events that occur within their environment. Provides persistent monitoring of all designated networks, enclaves, and systems. Interprets, analyzes, and reports all events and anomalies in compliance with company policy and external regulations. Continuously works to tune security tools to minimize false positives and maximize detection and prevention effectiveness. Collaborates with the owners of cyber defense tools to tune systems for optimum performance. Analyzes malware and attacker tactics to improve network detection capabilities. Collaborates with external companies or government agencies to share open source or classified intelligence.This person can choose to work a hybrid schedule if near our Cedar Rapids, IA location OR work remote full time. Primary Responsibilities: Shall perform specific activities that include, but not limited to the following:Identify, contain, mitigate, recover, and report on cyber-security incidents affecting the enterprise, business, and subsidiary networks globally.
Analyze and investigate adverse events and incidents using an enterprise security information and event monitoring (SIEM), logs from firewalls, IDS/IPS, proxies, servers, endpoints, and other network devices to determine threats, attack vector, scope of activity, and appropriate response.
Collaborate and coordinate with peers and stakeholders across global functional and business unit teams as needed to analyze and respond to adverse events and incidents.
Research the latest threat intelligence, vulnerabilities, exploits, and other relevant threat information and trends on various attackers and attack infrastructure.
Collaborate with other teams within Enterprise IT Security to improve detection and monitoring, develop cyber defenses, and perform advanced network and host analysis.
Utilize cyber security tools to actively hunt for threats in the enterprise network.
Ability and willingness to share on-call responsibilities, and work non-standard hours as needed.
Perform other duties as assigned.
Basic Qualifications:
Bachelor’s degree and 8 years of prior relevant experience OR
Advanced Degree in a related field and minimum 5 years of experience OR
In absence of a degree, 12 years of relevant experience is required
Must be a U.S. Person/Permanent Resident “Green Card” holder
Must be willing and able to travel up to 25% of the time
Knowledge of the IR lifecycle.
Proven experience and knowledge of advanced and persistent threats.
Host based forensics using EnCase, FTK or other digital forensics tools.
Familiarity with searching, interpreting, and working with data from enterprise logging systems (e.g., SIEM, syslog, NetFlow, DNS, IDS/IPS, proxy, email, server, and system logs).
Knowledge of TCP/IP protocols and data communications schemes.
Ability to perform packet analysis.
Preferred Qualifications:Capability of operating independently and in a team environment as is part of a geographically dispersed virtual team with minimal supervision.
Proficiency with MS Office Applications.
Proven ability to troubleshoot and solve technical issues.
Ability to extract IOC’s and TTP from malware samples.
Experience with assessing security controls based on cybersecurity principles and tenets. (e.g., CIS CSC, NIST SP 800-53, Cybersecurity Framework, etc.).
Working knowledge of systems, networking, and web technologies.
Understanding of social engineering techniques. (e.g., phishing, baiting, tailgating, etc.).
Knowledge of vulnerabilities, and vulnerability scanning tools.
Knowledge of ICS/SCADA and their operational environments.
Understanding in malware types (e.g., virus, worm, RAT, etc.) containment, traffic analysis, and mitigation of malware threat.
Understanding of Cyber Kill Chain, Mitre Att&ck, and Diamond Model.
Experience developing and implementing IDS / IPS signatures and URL / IP blocks.
Experience in malware triage analysis and/or sandboxing.
Scripting languages such as Python, Perl, and PowerShell.
Collins Aerospace, a Raytheon Technologies company, is a leader in technologically advanced and intelligent solutions for the global aerospace and defense industry. Collins Aerospace has the capabilities, comprehensive portfolio, and expertise to solve customers’ toughest challenges and to meet the demands of a rapidly evolving global market.Do you want to be part of a new, exciting initiative to combine foundational IT with new digital technologies? Our Digital Technology team is driving business efficiencies and a better customer experience by connecting technologies, people, information, and processes. From making aircraft more electric, intelligent, and integrated to building new software platforms such as Internet of Things, big data, artificial intelligence, and blockchain, there’s no better place to be right now than in digital. If you’re an agile thinker who enjoys utilizing modern technology to make big improvements, then you’re a perfect fit for this team. Join Collins Aerospace to help us revolutionize the aerospace industry today!Collins Aerospace Diversity & Inclusion Statement:Diversity drives innovation; inclusion drives success. We believe a multitude of approaches and ideas enable us to deliver the best results for our workforce, workplace, and customers. We are committed to fostering a culture where all employees can share their passions and ideas so we can tackle the toughest challenges in our industry and pave new paths to limitless possibility.WE ARE REDEFINING AEROSPACE.Please consider the following role type definitions as you apply for this role.
Onsite: Employees who are working in Onsite roles will work primarily onsite. This includes all production and maintenance employees, as they are essential to the development of our products.Hybrid: Employees who are working in Hybrid roles will work regularly both onsite and offsite. Ratio of time working onsite will be determined in partnership with your leader.Remote: Employees who are working in Remote roles will work primarily offsite (from home). An employee may be expected to travel to the site location as needed. Regardless of your role type, collaboration and innovation are critical to our business and all employees will have access to digital tools so they can work with colleagues around the world – and access to Collins sites when their work requires in-person meetings.Some of our competitive benefits package includes:Medical, dental, and vision insurance
Three weeks of vacation for newly hired employees
Generous 401(k) plan that includes employer matching funds and separate employer retirement contribution, including a Lifetime Income Strategy option
Tuition reimbursement program
Student Loan Repayment Program
Life insurance and disability coverage
Optional coverages you can buy pet insurance, home and auto insurance, additional life and accident insurance, critical illness insurance, group legal, ID theft protection
Birth, adoption, parental leave benefits
Ovia Health, fertility, and family planning
Adoption Assistance
Autism Benefit
Employee Assistance Plan, including up to 10 free counseling sessions
Healthy You Incentives, wellness rewards program
Doctor on Demand, virtual doctor visits
Bright Horizons, child and elder care services
Teladoc Medical Experts, second opinion program
And more!
Nothing matters more to Collins Aerospace than our strong ethical and safety commitments. As such, all U.S. positions require a background check, which may include a drug screen.Note:Background check and drug screen required (every external new hire in the U.S.)
Drug Screen only performed on re-hires who have been gone for more than 1 year
At Collins, the paths we pave together lead to limitless possibility. And the bonds we form – with our customers and with each other propel us all higher, again and again.
Apply now and be part of the team that’s redefining aerospace every day.
Raytheon Technologies is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.Raytheon Technologies is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.
Vacancy expired!