Insider Threat Analyst (Remote)

Date Posted:

2025-02-25

Country:

United States of America

Location:

UTDC1: UT-DC-Remote UT Remote DC , Washington, DC, 20024 USA

Position Role Type:

Remote

RTX Corporation is an Aerospace and Defense company that provides advanced systems and services for commercial, military and government customers worldwide. It comprises three industry-leading businesses – Collins Aerospace Systems, Pratt & Whitney, and Raytheon. Its 185,000 employees enable the company to operate at the edge of known science as they imagine and deliver solutions that push the boundaries in quantum physics, electric propulsion, directed energy, hypersonics, avionics and cybersecurity. The company, formed in 2020 through the combination of Raytheon Company and the United Technologies Corporation aerospace businesses, is headquartered in Arlington, VA.

The following position is to join our RTX Enterprise Services team:

Role Overview:

Enterprise Services (ES) Cybersecurity has an immediate opening for a qualified insider threat analyst to join RTX Cyber Defense reporting to the Associate Director of Cyber Insider Threat Operations. As an insider threat analyst, you will be responsible for supporting the analysis, monitoring and triage of alerts stemming from potential insider threats.

What You Will Do:

The ideal candidate shall perform specific activities that include, but are not limited to the following:

• Perform log analysis to detect anomalies, leveraging expertise in security operations tools to monitor and safeguard sensitive data. Utilize behavioral analytics and endpoint security solutions to identify and investigate unusual patterns.
• Monitor potential data exfiltration points using data loss prevention tools and other security solutions to detect and prevent unauthorized transfers.
• Apply Open-Source Intelligence (OSINT) techniques to gather and analyze publicly available information related to insider threats.
• Identify insider threat trends and patterns to assist content teams in the development of new detection rules and models.
• Articulate the implications of the risks relative to insider threats and educate team members, peers and stakeholders on the potential impacts.
• Review data, alerts and behaviors to identify potential concerns from multiple angles, gather information and understand and articulate information gaps needed to inform decisions.
• Work independently and with teams to define and complete analysis activities.
• Document findings in a manner that technical and non-technical stakeholders understand and can articulate findings to leadership and peers.
• Perform initial analysis on data from systems to identify unexpected or malicious activity across channels while understanding how activity fits into the threat landscape.
• Assist in building processes, procedures and training for the insider threat team.
• Collaborate with stakeholders to provide suggestions and feedback for validation and improvement of various tools, models, and processes.
• Stay updated on the latest developments and trends in insider threats, emerging and/or advanced persistent attack vectors, and industry best practices, incorporating this knowledge into RTX’s defense strategies.
• Perform other duties as assigned and as required to continuously drive process excellence.

Qualifications You Must Have:

• Typically requires a University Degree or equivalent experience and a minimum 5 years of experience, or an Advanced Degree and a minimum 3 year’s experience.
• Minimum 5 years supporting a cyber insider threat program and/or a cyber incident response team, including at least 3 years with cybersecurity tools and technologies used to detect and mitigate insider threats, including, but not limited to security information and event monitoring (SIEM), user entity and behavior analytics (UEBA), user activity monitoring (UAM), data loss prevention (DLP) technologies and endpoint security solutions.
• The ability to obtain and maintain a U.S. government issued security clearance is required. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance.

Qualifications We Prefer:

• Be able to effectively communicate (verbal and written) technical and strategic details to peers, leadership, and stakeholders with varying levels of operational expertise.
• Strong knowledge of cybersecurity principles, practices, and technologies.
• Demonstrate critical thinking and problem-solving skills.
• Insider Threat specific training/certifications such as CERT Insider Threat course work or Center for Development of Security Excellence (CDSE).
• Industry certifications in information security or technology such as, CISSP, CISM, CGEIT.
• Experience collaborating with teams inside and outside of Digital Technology (ex. Privacy, Legal, HR).
• Preferred candidate will have experience with Operating System, cloud access, and web proxy event logs, endpoint/extended detection & response, and security incident & event management (SIEM) platforms.

What We Offer: Whether you’re just starting out on your career journey or are an experienced professional, we offer a robust total rewards package with compensation; healthcare, wellness, retirement and work/life benefits; career development and recognition programs. Some of the benefits we offer include parental (including paternal) leave, flexible work schedules, achievement awards, educational assistance and child/adult backup care.

Learn More & Apply Now!

Work Location: Remote

Please consider the following role type definition as you apply for this role:

Remote: This position is currently designated as remote. However, the successful candidate will be required to work from one of the 50 U.S. states (excluding U.S. Territories). Employees who are working in Remote roles will work primarily offsite (from home). An employee may be expected to travel to the site location as needed.

The salary range for this role is 82,000 USD - 164,000 USD. The salary range provided is a good faith estimate representative of all experience levels. RTX considers several factors when extending an offer, including but not limited to, the role, function and associated responsibilities, a candidate’s work experience, location, education/training, and key skills.

Hired applicants may be eligible for benefits, including but not limited to, medical, dental, vision, life insurance, short-term disability, long-term disability, 401(k) match, flexible spending accounts, flexible work schedules, employee assistance program, Employee Scholar Program, parental leave, paid time off, and holidays. Specific benefits are dependent upon the specific business unit as well as whether or not the position is covered by a collective-bargaining agreement.

Hired applicants may be eligible for annual short-term and/or long-term incentive compensation programs depending on the level of the position and whether or not it is covered by a collective-bargaining agreement. Payments under these annual programs are not guaranteed and are dependent upon a variety of factors including, but not limited to, individual performance, business unit performance, and/or the company’s performance.

This role is a U.S.-based role. If the successful candidate resides in a U.S. territory, the appropriate pay structure and benefits will apply.

RTX anticipates the application window closing approximately 40 days from the date the notice was posted. However, factors such as candidate flow and business necessity may require RTX to shorten or extend the application window.

RTX is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or veteran status, or any other applicable state or federal protected class. RTX provides affirmative action in employment for qualified Individuals with a Disability and Protected Veterans in compliance with Section 503 of the Rehabilitation Act and the Vietnam Era Veterans’ Readjustment Assistance Act.

Privacy Policy and Terms:

Click on this link to read the Policy and Terms