IR Consultant

About Raytheon Foreground Security:

Through a strategic approach to security, Raytheon Foreground Security (RFS) enables organizations to optimize their network security investment while taking a proactive approach to protecting their most important information assets from potential threats. Foreground Security provides organizations with the full lifecycle of Information Security Services including SOC operation services, architecture and engineering, assessments, training, technology resale, and implementation and integration.

Our solutions include a combination of software, services and education to help mitigate information security risks that are a part of today's business world. RFS’ Virtual SOC offerings (V-SOC) are a next-generation approach to traditional managed services. While ensuring all customer data remains on premises at their facilities, we leverage our client's existing security infrastructure and integrate our patent-pending ATIP (Advanced Threat Intelligence Platform) to identify critical Indicators of Compromise (IOCs). This allows our customers to leverage our expertise where they need it most - in diagnosing and responding to real incidents occurring within their network infrastructure. Our incident response and forensics capabilities are exceptional and are leveraged by many Fortune 500 organizations as well as State and Local and Federal Government agencies.

Overview of the position:

Raytheon Foreground Security is searching for an Incident Response Consultant to be the subject matter expert (SME) for the definition, implementation, execution, and management of the security incident response program for our Pharmaceutical Client in the Chicago area.

During this Security Incident Response Residency, our SME will work at the day-to-day direction of the Client information security program and will be responsible for all aspects of the Client’s security incident response (IR) operations, with corporate reach-back and support from RFS management.

The RFS consultant will approach these activities in a multi-phase effort. Responsibilities include, but are not limited to:

  • Onsite security consultant for a minimum of 1 year.  This engagement will most likely have 2 distinct phases:
    • Phase I:  Will be a period of defining and implementing aspects of the Threat Intelligence and Incident Response Program for Client
    • Phase II:  Consultant will practice what has been implemented and help identify and implement efficiencies and improvements to the program
  • Consultant will provide strategic and technical support to the Client team as needed.  Duties will include:
    • Incident Response Management and Handling support, the building of procedures and process for Client in relation to the IR Program
    • Aid in defining Threat Intel and IR program
      • Including compromise analysis to documentation
      • Communications procedures relating to IR processes and procedures
      • Reporting and Metrics procedures for IR program
      • Handling and implementing threat intel feeds into the Client environment
      • Help define and identify efficiencies for the processes and procedures between Client and various MSSPs
    • Acting as trusted security advisor to the Client
  • Working with internal SOC, MSSP, and existing security team members to drive resolution activities for IR escalations
  • Responsible for understanding and interpreting event discovery and incident response activities
  • Full-spectrum incident response support including event discovery, alert notification, investigation, facilitation of containment, facilitating of resolution, and event reporting
  • Understanding the “how,” “when,” “where,” and “why” of the incident threat
  • Perform mitigation activities for current and residual risk
  • Assist with project planning and identification of mitigation activities
  • Responsible for understanding and helping to implement solutions based on Client’s culture, security strategies, security goals, security objectives, security capabilities, and security budget

Knowledge, Skills, and Abilities:

  • Detailed knowledge of applicable security tools, technologies, and trends
  • Working knowledge/experience of network systems, security principles, and applications
  • Fundamental understanding of defense-in-depth and intelligence-driven strategies
  • Ability to mesh sound technical and security practices to problem solving
  • Excellent written and oral communication skills
  • Customer-service oriented
  • Works effectively across functional teams
  • Ability to manage and prioritize tasks and projects

We offer:

  • Paid professional development for all employees
  • “Work hard, play hard” culture
  • 3 weeks paid vacation
  • 100% company paid medical benefits
  • Social events – happy hours, hackathons, conferences, etc.
  • 401K with matching
  • Work with awesome, like-minded people in a dedicated cyber security company