Tenable / Forescout Engineer

Foreground Security - Morrisville, NC4.3

Raytheon is seeking a motivated and out-going individual for a Tenable/ForeScout Engineer position within its CISO Cybersecurity Engineering team to work jointly with systems support personnel, CISO and IT teams and integrated technologies to enhance email security for our client and ensure a secure computing environment. The ideal candidate for this job will be an experienced information security practitioner who is goal-oriented and strives to exceed expectations.

Job description:
Responsible for implementation/deployment/support of Nessus scan engines and Tenable Security Center Continuous View systems and peripherals with Engineering, SOC, TIU, and IR.
Maintains local and network credentials Tenable Security Center and provisions access to vulnerability scanning systems. Responsible for integration of Nessus/TSC with other security and IT systems management tools (i.e. ForeScout, Cisco ISE, RedSeal, Splunk).
Responsible for developing and maintaining standard processes and operating procedures, creating technical architecture diagrams and system build documentation.
Responsible for supporting penetration testing toolset; including “fly-away kit” (i.e. laptops, VMs, wireless devices) used for internal/external penetration testing.
Works with vulnerability management team to build asset repositories and asset scan policies.

Required Skills:
The position requires U.S. Person status or a Non-U.S. Person be eligible to obtain Authorization.
Excellent writing skills
Excellent communication skills
4+ years in information security operations and/or related IT operational functions
Strong Splunk experience in creating effective dashboards, hunting cyber threats using event correlation, and acting on machine intelligence to remediate vulnerabilities and risk to the enterprise
Netflow analytics for compliance and threat hunting
Work with suppliers of data (e.g., WonMug, Cisco ISE, StealthWatch) to maximize efficiency and accuracy of data feeds into Splunk. Advise suppliers of potential features in their tools that could be activated to improve security (e.g., TrustSec and Security Group Tagging in ISE)
Ability to map application components to identify security problems and provide solutions
Analyze data imports into Splunk for accuracy and completeness; compare data from the various network security tools to identify overlaps and search for gaps.
Conduct initial triage assessments of findings from network security tools
Engages with other internal and external forces to get and share information to improve processes and security posture
Troubleshoots application connectivity and performance through log analysis and network captures, etc.

Desired Skills:
Experience with Splunk, BMC Atrium, ServiceNow, and enterprise network infrastructures
Experience with Tenable Nessus, ForeScout CounterACT, Cisco ISE, MobileIron, and Tanium
Project planning experience
Excellent writing skills
Microsoft office suite of applications

Desired Certifications:

Bachelor's degree in Science, Business, technical specialty such as cyber security, computer science, management information systems or related disciplines, or a technically related field OR a combination of equivalent related education/work experience in a multi-site software services environment, or related project management experience. Master's degree preferred. 126153
Business Unit Profile
Raytheon Intelligence, Information and Services delivers innovative technology to make the world a safer place. Our expertise in cyber, analytics and automation allow us to reach beyond what others think is possible to underpin national security and give our global customers unique solutions to solve the most pressing modern challenges - from the cyber domain to automated operations, and from intelligent transportation solutions to creating clear insight from large volumes of data. IIS operates at nearly 550 sites in 80 countries, and is headquartered in Dulles, Virginia. The business area generated $6.1 billion in 2017 revenues. As a global business, our leaders must have the ability to understand, embrace and operate in a multicultural world - in the marketplace and the workplace. We strive to hire people who reflect our communities and embrace diversity and inclusion to advance our culture, develop our employees, and grow our business.
Relocation Eligible
Clearance Type
Public Trust Current
Cyber Jobs