CounterIntelligence Data Exfiltration Investigator
Listed on 2026-07-02
-
Security
Cybersecurity
CI&I Data Exfiltration Investigator
At Raytheon, the foundation of everything we do is rooted in our values and a higher calling – to help our nation and allies defend freedoms and deter aggression. We bring the strength of more than 100 years of experience and renowned engineering expertise to meet the needs of today's mission and stay ahead of tomorrow's threat. Our team solves tough, meaningful problems that create a safer, more secure world.
As a CI&I Data Exfiltration Investigator, you will possess and demonstrate extensive knowledge, training, and experience as it relates to identification and investigation of potential insider threats (InT) within the realm of data exfiltration. You will possess in-depth experience with User Activity Monitoring (UAM), SPLUNK (SIEM) and Endpoint DLP. While your primary focus will be within the data exfiltration arena, you must also possess and demonstrate extensive knowledge of Counterintelligence principles, have an expert level understanding of potential InT indicators and behaviors, with the ability to rapidly triage and assess multitude of cyber-related behaviors with the objective of distinguishing between actual threats and false positives.
Conduct other investigations as necessary, may be required to assist CI&I Investigations Team.
This position may be located in one of our Raytheon sites in:
Tucson, AZ, (Andover, Marlborough, Woburn, Tewksbury, MA), McKinney, TX, El Segundo, CA, Dulles, VA
- Operate independently providing expert-level data exfil investigative capabilities that include, but not limited to:
- Independently plan and conduct Data Exfiltration investigations that result in sound outcomes/determinations, capable of withstanding judicial/administrative scrutiny into noncompliance with Customer regulatory requirements, Company policies and procedures, and violations of the law.
- Write detailed, highly professional reports summarizing investigative steps/actions.
- Conduct a wide range of employee interviews, to include challenging subject interviews of those suspected of wrongdoing.
- Ensure all relevant case artifacts (unless prohibited) are securely stored in the Resolver Case Management System.
- Closely collaborate with other CI&I members, GSS colleagues, and cross-functional partners.
- Collaborate with and provide timely feedback to our partners in Enterprise Services (ES) as it relates to the refinement of tools and processes used in identifying potential indicators of concern.
- For matters involving culpability of cleared employees, ensure cognizant FSOs are provided with necessary investigative details for required adverse information reporting obligations.
- You will expand your business acumen and learn about Raytheon's offensive/defensive solutions to help U.S. government, Allies and Partners defend their national sovereignty and ensure their security.
- How CI&I's proactive CI initiatives and InT program advances Raytheon's security culture, program execution excellence, an operational productivity, as well as fosters Customer's confidence and Raytheon's competitive advantage.
- Typically requires: A University Degree or equivalent experience and minimum 8 years prior relevant experience, or An Advanced Degree in a related field and minimum 5 years experience
- Experience with User Activity Monitoring (UAM), SPLUNK (SIEM) and Endpoint DLP, or similar tools that are utilized in Insider Threat (InT) identification and mitigation.
- Experience with Counter-Intelligence and/or investigative experience.
- Experience with identifying, collecting and analyzing data/metrics for leadership.
- Experience with computer operating systems, computer networking and computer vulnerabilities.
- Experience with Microsoft Office and O365.
- Excellent written and verbal communication skills.
- Understanding Core Principle of Cybersecurity - Confidentiality, Integrity, and Availability
- B.A./B.S. in fields such as Criminal Justice Administration, Information Systems, National Security, Cybersecurity, Business Management/Administration, or other related fields, and a minimum of eight years of experience in…
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).