Technical Lead - Insider Threat Operations (Remote)
UTDC1: UT-DC-Remote UT Remote DC, Washington, DC, 20024 USA
Full Time Senior-level / Expert Clearance required USD 143K - 287K
RTX
At RTX, we're accelerating ideas to solve some of the world's biggest challenges by bringing together the brightest, most innovative minds across aviation, space and defense.
Date Posted: 2024-06-27
Country: United States of America
Location: UTDC1: UT-DC-Remote UT Remote DC, Washington, DC, 20024 USA
Position Role Type: Remote
RTX Corporation is an Aerospace and Defense company that provides advanced systems and services for commercial, military and government customers worldwide. It comprises three industry-leading businesses – Collins Aerospace Systems, Pratt & Whitney, and Raytheon. Its 185,000 employees enable the company to operate at the edge of known science as they imagine and deliver solutions that push the boundaries in quantum physics, electric propulsion, directed energy, hypersonics, avionics and cybersecurity. The company, formed in 2020 through the combination of Raytheon Company and the United Technologies Corporation aerospace businesses, is headquartered in Arlington, VA.
To realize our full potential, RTX is committed to creating a company where all employees are respected, valued and supported in the pursuit of their goals. We know companies that embrace diversity in all its forms not only deliver stronger business results, but also become a force for good, fueling stronger business performance and greater opportunity for employees, partners, investors and communities to succeed.
The following position is to join our RTX Corporate, Enterprise Services, Research Center or BBN team:
Role Overview:
Enterprise Services (ES) Cybersecurity has an immediate opening for a qualified technical leader to join RTX Cyber Defense reporting to the Associate Director of Cyber Insider Threat Operations. As the Technical Lead of Insider Threat Operations, you will be responsible for leading and enhancing the technical capabilities to detect, triage, analyze and respond to insider threats.
What You Will Do
- Perform cyber and open-source analysis in order to plan, initiate, and support Insider Threat operations and investigations. Identify and document gaps in analytic techniques and tradecraft as well as data sources and content. Provide recommendations and mitigations, collaborating with cyber engineering to improve the mission and capabilities.
- Collaborate on detection strategies, including formulating and implementing indicators to detect potential insider threats within RTX systems and networks.
- Design, implement and enhance technical solutions, such as monitoring tools and data loss prevention mechanisms to identify and mitigate insider threats.
- Collaborate on the deployment, configuration, and maintenance of insider threat detection tools and technologies, ensuring they remain effective and up to date against evolving insider threats.
- Identify and document gaps in both technical controls and instrumentation. Provide recommendations to improve insider threat detection and mitigation capabilities through proactive reviews, testing, and refinement of processes, tools, and procedures.
- Participate in and lead cyber investigations into suspected insider threats, coordinating with relevant teams such as Security, HR, and Legal, to gather evidence and analyze potential risks.
- Mentor cyber insider threat analysts to improve efficiency of alert review, triage and disposition. Contribute to the growth and maturity of both the mission and team personnel through robust documentation.
- Stay updated on the latest developments and trends in insider threats, emerging and/or advanced persistent attack vectors, and industry best practices, incorporating this knowledge into RTX’s defense strategies.
- Collaborate with cyber defense and incident response teams to develop and maintain insider threat incident response plans, outlining procedures for identifying, containing, and mitigating insider incidents. Form coalitions amongst disparate groups, produce thorough and precise documentation, and execute risk-informed decision making.
- Perform other duties as assigned and as required to continuously drive process excellence.
Qualifications You Must Have:
- Typically requires a University Degree or equivalent experience and a minimum of 12 years of experience, or an Advanced Degree and a minimum of 10 years of experience.
- Minimum 5 years with cybersecurity tools and technologies used to detect and mitigate insider threats, including, but not limited to, user entity and behavior analytics (UEBA), user activity monitoring (UAM), and data loss prevention (DLP) technologies.
- Minimum 5 years of proven experience leading technical cybersecurity teams.
- Minimum 5 years of technical knowledge of insider threat detection and analysis methodologies and how to leverage technical indicators and analytics to detect internal threats.
- Must be able to effectively communicate (verbal and written) technical and operational details to peers, leadership, and stakeholders with varying levels of technical expertise.
- Experience collaborating with teams inside and outside of Security (ex. Privacy, Legal, HR).
- Strong knowledge of cybersecurity principles, practices, and technologies.
- Ability to analyze the cyber risk of a complex business network and develop a cyber defense strategy to protect it.
Qualifications We Prefer:
- Preferred candidate will have experience with Operating System, cloud access, and web proxy event logs, endpoint/extended detection & response, and security incident & event management (SIEM) platforms.
- Preferred candidate will have insider threat and/or offensive cyber experience.
Location: Remote
Work Authorization: US Citizen Required - Ability to obtain security clearance is preferred.
What We Offer: Whether you’re just starting out on your career journey or are an experienced professional, we offer a robust total rewards package with compensation; healthcare, wellness, retirement and work/life benefits; career development and recognition programs. Some of the benefits we offer include parental (including paternal) leave, flexible work schedules, achievement awards, educational assistance and child/adult backup care.
RTX is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.
Tags: Analytics Clearance Cloud Cyber defense Incident response Monitoring Physics Privacy Security Clearance SIEM Strategy Threat detection
Perks/benefits: 401(k) matching Career development Flex vacation Health care Insurance Medical leave Parental leave