To realize our full potential, RTX is committed to creating a company where all employees are respected, valued and supported in the pursuit of their goals. We know companies that embrace diversity in all its forms not only deliver stronger business results, but also become a force for good, fueling stronger business performance and greater opportunity for employees, partners, investors and communities to succeed.

The following position is to join our RTX Enterprise Services team:

Role Overview:

RTX is looking for a Senior Cyber Threat Hunter to join the corporate RTX Threat Hunt Team. Candidates filling this role will engage in industry-leading cyber threat hunting, across a wide array of systems, networks, and services. RTX's Threat team is a highly respected and close-knit group of cyber subject matter experts who are constantly pushing the envelope of cyber defense. RTX has a unique and exciting threat landscape, the result of our truly global footprint, with roughly 200,000 employees, nearly 1,000,000 endpoints, sites in over 100 countries, and world acclaim as a leading manufacturing, aerospace, and defense contractor.

What Will You Do:

• Perform threat hunts based on current cyber threat intelligence, vulnerability reports, or threat research
• Analyze and correlate log data from multiple sources including but limited to workstation/server operating systems, network appliances, cloud environments, and enterprise services to identify indicators of activity ranging from anomalous to malicious.
• Perform daily research to identify new tools, tactics, and procedures for threat actors and malware families
• Support Security Operation Center and Incident Response activities during both times of crisis and when needed to support incident ticket triage
• Craft and test scenarios for RTX's security validation platform
• Document hunt team findings for easy recall and to reduce duplication of effort
• Draft and present debriefings and collaborate with other teams within RTX cybersecurity
• Lead technical discussions, projects, and debriefs with peers and senior leadership
• Develop and drive the program forward using key performance indicators, organizational key results, and other metrics
• Delegate responsibilities, hand out tasks, and lead daily threat hunt activities
• Identify opportunities for automation and content creation
• Train and mentor junior analysts

Qualifications You Must Have:

• Typically requires a University Degree or equivalent experience and a minimum 10 years of experience, or an Advanced Degree and a minimum 7 years experience.
• The ability to obtain and maintain a U.S. government issued security clearance is required. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance.

Candidate must have a Minimum 5 years of experience in the following areas:

• Cyber threat hunt methodology and how to identify malicious activity in a large and complex corporate environment
• Security controls (Endpoint Detection and Response platforms, Intrusion Detection Systems, Security Incident Event Management platforms, network analysis tooling, firewalls, etc.) and how they can be leveraged to identify anomalous activity
• Analysis of log data associated with common enterprise services including but not limited to email, identity management, remote access, databases, endpoint administration
• Cloud service providers (Azure and AWS) and how to effectively perform threat hunting within cloud environments
• Windows and Unix based endpoints and servers

Qualifications We Prefer:

• Scripting, particularly within Python, and task automation via APIs
• Comfortable leading others
• Great teacher and mentor for junior analysts
• Able to work well with others on a close-knit team Comfortable meeting and working via teleconference and/or videoconference
• Excellent communication skills and be able to convey technical details to audiences of differing technical aptitude
• Self-starter, capable of identifying tasks and working projects with little oversight
• Candidates with previous experience supporting cybersecurity operations within a cyber fusion center are desired
• Prior experience within incident response or cyber threat hunting
• Experience using Endpoint Detection and Response platforms and other cyber threat hunt tooling is required

What We Offer: Whether you're just starting out on your career journey or are an experienced professional, we offer a robust total rewards package with compensation; healthcare, wellness, retirement and work/life benefits; career development and recognition programs. Some of the benefits we offer include parental (including paternal) leave, flexible work schedules, achievement awards, educational assistance and child/adult backup care.

Learn More & Apply Now!

Work Location: Remote

Please consider the following role type definition as you apply for this role:

Remote: This position is currently designated as remote. However, the successful candidate will be required to work from one of the 50 U.S. states (excluding U.S. Territories). Employees who are working in Remote roles will work primarily offsite (from home). An employee may be expected to travel to the site location as needed.

#reempowerprogram

This role is also eligible for the Re-Empower Program. The Re-Empower Program helps support talented and committed professionals as they rebuild their capabilities, enhance leadership skills, and continue their professional journey. Over the course of the 14-week program, experienced professionals will gain paid, on-the-job experience, have an opportunity to participate in sessions with leadership, develop personalized plans for success and receive coaching to guide their return-to-work experience. Upon completion of the program, based on performance and contributions participants will be eligible for a career at RTX.

Minimum Program Qualifications
To qualify for the RTX Re-Empower Program, candidates should:
• Be on a career break of one or more year at time of application
• Have prior experience in functional area of interest
• Have interest in returning in either a full-time or part-time position

The salary range for this role is 118,000 USD - 246,000 USD. The salary range provided is a good faith estimate representative of all experience levels. RTX considers several factors when extending an offer, including but not limited to, the role, function and associated responsibilities, a candidate's work experience, location, education/training, and key skills.

Hired applicants may be eligible for benefits, including but not limited to, medical, dental, vision, life insurance, short-term disability, long-term disability, 401(k) match, flexible spending accounts, flexible work schedules, employee assistance program, Employee Scholar Program, parental leave, paid time off, and holidays. Specific benefits are dependent upon the specific business unit as well as whether or not the position is covered by a collective-bargaining agreement.

Hired applicants may be eligible for annual short-term and/or long-term incentive compensation programs depending on the level of the position and whether or not it is covered by a collective-bargaining agreement. Payments under these annual programs are not guaranteed and are dependent upon a variety of factors including, but not limited to, individual performance, business unit performance, and/or the company's performance.

This role is a U.S.-based role. If the successful candidate resides in a U.S. territory, the appropriate pay structure and benefits will apply.

RTX anticipates the application window closing approximately 40 days from the date the notice was posted. However, factors such as candidate flow and business necessity may require RTX to shorten or extend the application window.

RTX is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.

Privacy Policy and Terms:

Click on this link to read the Policy and Terms