Honeywell International is a Fortune 100 diversified technology and manufacturing leader, serving customers worldwide with aerospace products and services; control technologies for buildings, homes and industry; automotive products; turbochargers; and specialty materials.
At Honeywell Technology Solutions Inc. (HTSI) we believe in integrating security into all aspects of our business to protect the people, processes, and assets by which Honeywell achieves its greater mission. Advancements in technology, contractual and regulatory requirements, emerging threats, and Honeywell's growth worldwide continue to challenge all of us to ensure everything we do in business is done securely.
The Fusion Cell Analyst will work with multiple components in support of the subscribers of the SPAWAR Network Security Operations Center (NSOC) Computer Network Defense Service Provider (CND SP) and other supported components. The candidate will coordinate with members of intrusion analysis, incident response, vulnerability assessment, external assessment, and cyber threat analysis teams to expand the capabilities of the organization and provide more effective services to its subscribers. This includes accepting requirements for additional analytical capabilities; adjusting current infrastructure or developing software to enhance detection capabilities and automate common analytical and response tasks; creating ArcSight use cases and "content" useful for all IDS analysts to achieve greater analytical economy where appropriate; and maintaining an in-house analysis interface as part of the CND SP network protection suite. Additionally, the analyst will provide high-level and long-term analysis beyond that of basic event and intrusion analysis, to include investigation of exploits, vulnerabilities, tactics, techniques, and procedures used by attackers. The analyst will coordinate with members of the NSOC cyber threat analysis cell to ensure threat intelligence and shared cyber situational awareness are an actionable part of the organization's defensive posture. The analyst will deliver training to intrusion detection analysts and incident responders consistent with the NSOC Network Security Monitoring and Incident Response team leaders' training policies on tools, tactics, and procedures. Analysts will be required to provide on-call support for intrusion detection and incident response activities consistent with CND SP requirements.
Basic Qualifications:
Bachelor's degree in computer science, electrical engineering, or a similarly related technical discipline plus 8 years of experience in a technical environment, or Master's degree plus 4 years of experience, or relevant certification plus 10 years of experience. Two of those years shall be with an accredited Computer Network Defense Service Provider or equivalent. In lieu of a degree, 16 years of related experience.
Required Knowledge and Skills:
* Expert knowledge of security concepts, protocols, processes, architectures, and tools (authentication and access control technologies, intrusion detection, network traffic analysis, SIM technology, incident handling, media/malware analysis, etc.)
* Experience with Advanced Network Security Monitoring (NSM) and analyzing network traffic for suspicious and malicious activity
* Experience with the dissection and analysis of malware and the creation of defensive measures related to the tools, tactics, and procedures (TTPs) employed by the malicious code and its author
* Scripting Language (one or more of the following): Perl/Python/BASH
* Web Programming Language (one or more of the following): PHP/Ruby/AJAX/JavaScript
* Database Development (one or more of the following): MSSQL, MySQL, PostgreSQL
* Hands-on experience with the development of tools designed to automate analytical and response processes and tools designed to enhance detection capability
* Ability to create and deliver customized training for intrusion analysts and incident responders relevant to current events in the cyber battle space
* Current knowledge of CYBERCOM CNDSP policies and procedures
Qualifications:
* DoD 8570 Baseline Certifications
  o CISSP
  o GCIA
  o GCIH
As an Equal Opportunity Employer, we are committed to a diverse workforce.