Threat Detection Co-Op Department: Threat Detection Employment Type: Internship Location: Remote - United States Description As a Threat Co-Op you will be assisting the DeepSeas Cyber Security team in identifying and analyzing potential cyber threats by monitoring network activity, analyzing logs, conducting threat hunting, and investigating security alerts, with a focus on developing skills in identifying malicious behavior and responding to potential security incidents within an organization's systems DeepSeas Interns will walk away with: - Hands-on experience in threat detection and response practices - Develop skills in using advanced security tools and techniques - Understand the threat landscape and latest attack methodologies - Network with experienced cybersecurity professionals - Contribute to real-world security operations and incident response activities Key Responsibilities - Updating Various Documentation and process. - Maintain up-to-date knowledge bases for common troubleshooting steps. - Assist in structuring internal Confluence pages for better usability. - Create Devo Dashboards. - Build visualizations for security event trends. - Enhance existing dashboards by incorporating new data sources. - Automate reports that are currently being generated manually. - Respond to easy-to-handle RFIs. - Identify and flag inconsistencies in client data. - Creating a Virtual Lab for Testing Detection Logic. - Set up a virtual testing environment to validate new detection rules. - Simulate attack scenarios to measure rule effectiveness. - Document findings and provide feedback on rule performance. - Assist in developing a structured testing process for new detections. - Identifying Areas for Automation and Logging Improvements. - Develop guides for common workflows to help onboard future interns. - Creating Dashboard Simulations from SW Data or Data Lake. - Develop datasets for testing detection logic. - Build dashboard simulations to visualize security incidents, coverage, vulnerabilities, and overall gaps. - Compare simulated data against actual alerts to identify gaps. - Document key discussions, action items, and follow-ups. - Relay important insights back to the TDE team. - Help bridge communication gaps between different teams. Skills Knowledge and Expertise - Basic understanding of cybersecurity concepts like firewalls, intrusion detection/prevention systems, and network protocols. - Experience with log analysis tools (e.g., Splunk, ELK Stack) - Familiarity with scripting languages (e.g., Python) for automation tasks - Strong analytical and problem-solving skills - Attention to detail and ability to identify anomalies in data - Interest in cyber security threats and emerging trends Why DeepSeas? At Deep Seas, we like to say that heart rates go down, careers take off, and security programs mature. Our values provide the ultimate guide for our daily behavior and decisions. Without these values, we aren’t Deep Seas. They preserve the essence of our organization, reflect the personalities of our Deeps (how we affectionately refer to our teammates), and enable us to exceed expectations. Our values are: - We are client obsessed. - We stand in solidarity with our teammates. - We prioritize personal health and well-being. - We believe in the power of diversity. - We solve hard problems at the speed of cyber. This is your chance to join a supportive crew of teammates and an industry-leading organization that values opportunities for growth. If DeepSeas sounds like a good fit for you, send us your resume and let’s talk! Information security is everyone’s responsibility: - Understanding and following DeepSeas’s information security policies and procedures. - Remaining vigilant and reporting any suspicious activity or possible weaknesses in DeepSeas’s information security. - Actively participating in DeepSeas’s efforts to maintain and improve information - security. - DeepSeas considers this position is as Moderate Risk with a potential to - view/access/download restricted/private client/internal data. This information must be treated with - Sensitivity and in the most secure manner. HR reserves the right to perform random background/drug - Screens to ensure the safety of client/DeepSeas data

Date Posted: 2026-04-10Country: United States of AmericaLocation: US-CA-REMOTEPosition Role Type: RemoteU.S. Citizen, U.S. Person, or Immigration Status Requirements: The ability to obtain and maintain a U.S. government issued security clearance is required.​ U.S. citizenship is required, as only U.S. citizens are eligible for a security clearanceSecurity Clearance Type: DoD Clearance: Top SecretSecurity Clearance Status: Active and existing security clearance required after day 1 At RTX, the world largest aerospace and defense company, 185,000 great minds are united by purpose and inspired to make a difference solving the world’s most complex problems. With our three market leading businesses, world-class operations and investments in research and development, we offer capabilities and opportunity no one else can. Together, we push the boundaries of known science and find new ways to connect and protect our world. Pratt & Whitney is a world leader in the design, manufacture and service of aircraft engines and auxiliary power systems and has been revolutionizing modern flight for over 100 years. Join us and help shape the future of aerospace and defense. The Pratt & Whitney Global Security Services (GSS) Threat Intelligence Lead is a cyber investigative and analytics role responsible for leading data exfiltration investigations and advancing insider threat detection capabilities within the Threat Management and Intelligence program. Operating at the intersection of cybersecurity, digital forensics, and intelligence analysis, this role focuses on identifying, investigating, and mitigating risks related to the unauthorized movement of sensitive data—including intellectual property and controlled technical information—across endpoints, cloud platforms, email systems, and removable media. The ideal candidate combines investigative experience with strong technical expertise, leveraging enterprise security tools such as Splunk and DLP platforms to detect anomalous behavior and support complex investigations. This role also incorporates open-source intelligence (OSINT) to enrich investigations and strengthen risk identification. In addition to supporting investigations, the Intelligence Lead applies behavioral analytics and trend analysis to proactively identify insider threat indicators and deliver clear, actionable intelligence. What You Will Do: - Lead complex investigations involving data exfiltration, insider threat activity, and misuse of enterprise systems. - Validate and triage alerts from DLP, SIEM, and UEBA; reconstruct user activity and data movement to establish intent, scope, and impact . - Collect, preserve, and analyze digital evidence in support of investigations, ensuring chain-of-custody and legal defensibility. - Conduct forensic analysis of file transfers, user activity, and system artifacts. - Partner with Legal and HR to ensure investigations meet regulatory and evidentiary standards. - Leverage OSINT tools and techniques (e.g., link analysis, persona development, attribution) to identify external risk indicators and potential insider collusion. - Conduct proactive threat hunting to identify previously undetected insider risk activity. - Partner with Cybersecurity (SOC), HR, Legal, Compliance, and IT to coordinate investigative actions and response strategies. - Provide subject matter expertise on data exfiltration risks, investigative findings, and mitigation actions; support escalation and response for high-risk or sensitive incidents. - Produce clear, concise investigative reports and intelligence briefings for technical and non-technical audiences. - Translate complex technical findings into actionable recommendations, including risk mitigation, corrective actions, and control enhancements. - Support the evolution of the insider threat program through process improvements, tool optimization, and policy enhancements. Qualifications You Must Have: - Bachelor’s degree in Cybersecurity, Computer Science, Criminal Justice, Intelligence Studies, or related field (or equivalent experience) and minimum 8 years experience in cyber investigations, digital forensics, insider threat, intelligence analysis, or related fields; or An Advanced Degree in a related field and minimum 5 years experience. - Proven experience conducting data exfiltration or cyber-enabled investigations. - Proven ability to interview subjects, witnesses, and complainants and compiling investigative summaries, findings, and recommendations. - Experience handling digital evidence and maintaining chain-of-custody. - Strong analytical and critical thinking skills with the ability to connect disparate data points into a clear narrative. - Excellent written and verbal communication skills, including investigative reporting and executive briefings. - U.S. Citizenship and ability to obtain and maintain a Secret or Top-Secret security clearance. Qualifications We Prefer: - Experience with data loss prevention tools and forensic platforms. - Knowledge of classified environment operations, including associated security measures and protection of sensitive information. - Experience in insider threat or threat management programs. - Background in corporate investigations, counterintelligence, or cyber threat intelligence. - Hands-on experience with OSINT tools and methodologies, including link analysis and dark web research. - Proven ability to work in cross-functional environments with HR, Legal, Compliance, and Cyber teams. - Knowledge of data classification, IP protection, and export-controlled data environments. What Sets This Role Apart: - Direct mission impact protecting sensitive aerospace technologies and national security programs. - Access to advanced investigative tools, datasets, and enterprise-scale systems. - Unique blend of cyber investigations, insider threat, and intelligence analysis. - High visibility role that engages others to recognize and mitigate risk. Please ensure the role type defined below is appropriate for your needs before applying to this role. This position is classified as: Remote: Employees who are working in Remote roles will work primarily offsite (from home). If you live within a reasonable commute of an RTX site with other colleagues you interact with, your manager will discuss whether there is a degree of onsite presence associated with this role. As part of our commitment to maintaining a secure hiring process, candidates may be asked to attend select steps of the interview process in-person at one of our office locations, regardless of whether the role is designated as on-site, hybrid or remote. The salary range for this role is 107,500 USD - 204,500 USD. The salary range provided is a good faith estimate representative of all experience levels. RTX considers several factors when extending an offer, including but not limited to, the role, function and associated responsibilities, a candidate’s work experience, location, education/training, and key skills. Hired applicants may be eligible for benefits, including but not limited to, medical, dental, vision, life insurance, short-term disability, long-term disability, 401(k) match, flexible spending accounts, flexible work schedules, employee assistance program, Employee Scholar Program, parental leave, paid time off, and holidays. Specific benefits are dependent upon the specific business unit as well as whether or not the position is covered by a collective-bargaining agreement. Hired applicants may be eligible for annual short-term and/or long-term incentive compensation programs depending on the level of the position and whether or not it is covered by a collective-bargaining agreement. Payments under these annual programs are not guaranteed and are dependent upon a variety of factors including, but not limited to, individual performance, business unit performance, and/or the company’s performance. This role is a U.S.-based role. If the successful candidate resides in a U.S. territory, the appropriate pay structure and benefits will apply. RTX anticipates the application window closing approximately 40 days from the date the notice was posted. However, factors such as candidate flow and business necessity may require RTX to shorten or extend the application window. RTX is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or veteran status, or any other applicable state or federal protected class. RTX provides affirmative action in employment for qualified Individuals with a Disability and Protected Veterans in compliance with Section 503 of the Rehabilitation Act and the Vietnam Era Veterans’ Readjustment Assistance Act. Privacy Policy and Terms: Click on this link to read the Policy and Terms

Job summary: This position performs duties remotely in a central monitoring unit and is responsible for the continuous monitoring, interpretation, communication, and documentation of video EEG tracings, cardiac rhythms and rhythm components. Population served is based on the scope of services in the department. Essential Responsibilities 1. Assists with initiating and discontinuing EKG and EEG monitoring. 2. Monitors, reviews and logs patient information including, cardiac rhythm or rhythm component changes, cardiac rhythm variances and EEG video tracings to determine baseline & variances. 3. Notifies nursing staff when leads are off or of incorrect lead placement. Assists staff with patient skin preparation and correct lead placement as necessary. 4. Notifies Registered Nurse of cardiac rhythm or rhythm component changes, and cardiac rhythm variances that indicate myocardial ischemia or acute myocardial infarction. If primary RN is not available, escalates using appropriate chain of command. 5. Notifies Registered Nurse of video EEG tracing changes. If primary RN is not available, escalates using appropriate chain of command. 6. Identifies and troubleshoots routine technical problems with the central monitoring system & initiates biomedical repairs as necessary. 7. Maintains all telemetry and EMU equipment and supplies inventory. 8. Documents patient periods off EEG or telemetry for showers, tests, and procedures. 9. Analyzes cardiac rhythm and records measurements, calculations, & interpretation of patient record in accordance with established protocols. 10. Interprets the appropriate information needed to identify each patient’s requirements relative to his or her age-specific needs. 11. Reports to RN/ MD irregularities noted on video EEG. 12. Utilizes available equipment knowledgeably and effectively; reports malfunctions and other potentially hazardous situations to charge nurse/nurse manager. 13. Prepares EEG reports as directed 14. Interprets the appropriate information needed to identify each patient’s requirements relative to his or her age-specific needs. 15. Maintain and Model Nuvance Health Values. 16. Demonstrates regular, reliable and predictable attendance. 17. Performs other duties as required. Education and Experience Requirements: · High School Diploma or equivalent · Successful completion of dysrhythmia recognition course upon hire or obtained within the employment probationary period. · Successful completion of cardiac monitoring examination and EEG competency examination. · PREFER: Cardiac monitoring experience. · PREFER: One (1) year of acute patient care experience. Minimum Knowledge, Skills and Abilities Requirements: · Maintains current knowledge of the technical operation of the central monitoring station. · Annually completes online arrythmia recognition course with 90% minimum. License, Registration, or Certification Requirements: · Current Basic Life Support (BLS) certification. Education: HS GRAD/EQUIVALENT Working Conditions: Manual: significant manual skills/motor coord & finger dexterity Occupational: Some occupational risk Physical Effort: Medium to Heavy effort. May exert up to 35 lbs. force Physical Environment: Some exposure to dirt, odors, noise, human waste, etc. Company: Vassar Brothers Medical Center Org Unit: 1608 Department: Nursing Monitor Techs Exempt: No Salary Range: $25.57 Hourly

Senior Threat Researcher Do you want to help make the world safe from cyber attack? At Corelight, we believe that the best approach to cybersecurity risk starts with the network. Attackers can evade endpoint detection, firewalls and many other technologies - but they can’t avoid leaving digital footprints on the networks they traverse. Built on open-source innovations from Zeek, Suricata and YARA and refined through years of real-world use, Corelight transforms network footprints from physical, virtual and cloud networks into actionable insights. Our customers use these insights to speed incident response and proactively hunt for threats. At Corelight, we don't just find threats; we decode the language of the network to stay steps ahead of the adversary. As a Senior Threat Researcher, you sit at the strategic intersection of our Detection Engineering and Machine Learning (ML) teams. You are the "expert bridge"—translating complex attacker behaviors into the high-fidelity data signals that power our advanced AI models. By leveraging your deep understanding of network traffic and threat actor psychology, you will guide our data scientists to solve concrete security challenges, ensuring our detections are not just innovative, but devastatingly effective against real-world attacks. Specific Responsibilities: - Architect AI-Driven Detections: Lead the independent delivery of high-quality research and code for complex network detections, authoring clear design documents that articulate technical trade-offs to stakeholders. - Bridge Detection & Data Science: Act as the network security subject matter expert for ML/AI teams, pinpointing critical signals within telemetry (Zeek, NetFlow, PCAPs) to drive feature engineering and model training. - Simulate Adversary Behavior: Utilize offensive frameworks like Caldera and Cobalt Strike to generate the synthetic lab data necessary to train and validate robust, real-world ML models. - Roadmap Alignment: Align individual research and prototyping tasks with quarterly milestones and the overarching 12-month roadmap to ensure maximum product impact. - Optimize Research Workflows: Identify gaps in current processes and actively propose improvements to team-level tools, testing frameworks, and documentation to increase overall velocity. - Mentor and Uplevel: Guide newer team members and interns through technical workflows and conduct constructive research reviews to maintain a high standard of collective output. Knowledge/Skills/Abilities needed to be successful: - Network Protocol Mastery: Deep competence in the OSI model and TCP/IP, with the ability to map emerging adversary tactics to quantitative detection strategies across protocols like HTTP/S, DNS, SMB, and TLS. - Data Science Translation: A strong understanding of the practical application of ML for behavioral data, including the ability to navigate challenges like model drift, false positives, and latency. - Network Telemetry Expertise: Proficiency in extracting and transforming network logs (Zeek, Suricata) using Python and SQL to identify subtle indicators of C2 beaconing or lateral movement. - Offensive Security Insight: Familiarity with Red Team operations and the ability to reverse-engineer attacker behaviors into programmatic detection logic. - Product-Centered Thinking: The ability to navigate ambiguity and ensure technical research projects directly support long-term product objectives and milestones. - Effective Technical Liaison: A proactive communicator who can simplify complex AI concepts for security stakeholders while providing deep domain context to data science peers. - Collaborative Mentorship: A low-ego approach to peer review and a commitment to elevating team capability through shared knowledge and constructive feedback. Qualifications/Requirements: - Professional Experience: 5+ years of experience in Threat Research, Detection Engineering, or Network Threat Hunting. - Technical Proficiency: Extensive experience analyzing network traffic with Zeek/Bro, Suricata, and Wireshark. - Scripting & Data: Strong working knowledge of Python and SQL for manipulating and analyzing massive datasets. - Security Domain Knowledge: Proficiency in mapping detections to the MITRE ATT&CK framework and simulating threats with offensive security tools. - Autonomy: Demonstrated ability to act independently on moderate-to-complex projects, exercising strong judgment in selecting technical methods. - Education: Bachelor’s or Master’s degree in Computer Science, Cybersecurity, Data Science, or equivalent practical experience. Fueled by investments from top-tier venture capital organizations such as Crowdstrike, Accel and Insight, Corelight is the fastest growing network detection and response platform in the industry. Our customers trust us to protect mission-critical assets in leading enterprises, government, and research institutions worldwide. We are leading the way with AI-assisted workflows, machine learning models, cloud security and SaaS-based solutions to arm defenders with the tools and knowledge they need to disrupt cyber attacks. Our team of passionate innovators are dedicated to solving some of the toughest challenges in cybersecurity, while fostering a collaborative, inclusive, and growth-oriented culture. Corelight is committed to a geographically distributed yet connected employee base with employees working from home and office locations around the world. At Corelight, we take pride in the diversity of our backgrounds and perspectives, and we are committed to fostering an inclusive environment that strengthens our company. By embracing a wide range of experiences, backgrounds, neurodiversity, talents, and approaches to problem-solving, we aim to create a workplace where everyone can thrive and contribute their best. We are looking forward to meeting you. Check us out at www.corelight.com Notice of Pay Transparency: The compensation for this position may vary depending on factors such as your location, skills and experience. Depending on the nature and seniority of the role, a percentage of compensation may come in the form of a commission-based or discretionary bonus. Equity and additional benefits will also be awarded. Compensation Range $145,000—$188,000 USD