This site uses cookies. To find out more, see our Cookies Policy

Cyber Defense Operations Analyst, Mid in Fort Belvoir, VA at Booz Allen Hamilton Inc.

Date Posted: 3/9/2019

Job Snapshot

Job Description

Job Number: R0045629

Cyber Defense Operations Analyst, Mid

Key Role:

Leverage knowledge of tactical to strategic level intelligence analysis of Cyber threats, vectors, and actors in support of Cyber defense and computer network operations. Advise on the uses of forensics, network vulnerability, and malware analysis to conduct both technical analysis of Cyber threats and events and all-source analysis of Cyber threats and their vectors and capabilities. Use both open source data and classified reporting to analyze and document the political, economic, social, and behavioral aspects of malicious Cyber activity. Provide situational awareness of local, regional, and international Cyber threats, including attribution analysis of Cyber organizations, programs, capabilities, motivations, and intent to conduct Cyberspace operations.

Basic Qualifications:

-3+ years of experience with network security

-1+ years of experience as an information security analyst or engineer

-Knowledge of log management and Security Information and Event Manager (SIEM) tools usage and architecture

-Knowledge of TCP/IP communications and how common protocols and applications work at the network level and network monitoring, analysis, troubleshooting, and configuration control technologies

-Ability to explain current information security threats, including DDoS, botnets, malware, Advanced Persistent Threats (APT), buffer overflows, SQL injection, and phishing

-Ability to develop use cases for detecting malicious and suspicious activity

-Ability to perform work from 0600-1400 (6am-2pm) Monday-Friday without shift rotation

-TS/SCI clearance

-HS diploma or GED

-DoD 8570 IAT II CSSP Analyst Certification, including Security+ or CEH

Additional Qualifications:

-Experience with working in a 24/7 Security Operations Center (SOC) preferred

-Experience with scripting in Perl, Python, and PowerShell

-Experience with deploying, configuring, or using log management and SIEM tools, including Splunk, LogRythym, McAfee ESM, IBM QRadar, and ArcSight Logger and ESM

-Experience with incident response, incident handling, or triage analysis

-Knowledge of using event escalation and reporting procedures and supporting network investigations
-Possession of excellent analytical, critical thinking, logic, and solution-orientation skills

-Possession of excellent oral and written communication skills

-BA or BS degree in Engineering, CS, Information Security, or Information Systems preferred

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; TS/SCI clearance is required.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status—to fearlessly drive change.

Your Career is Waiting.

Get job alerts. Learn about new work and upcoming events. Share open roles with friends and colleagues.
Our Talent Network is your opportunity hub.

Get Answers and Access.

Need more information? Find it in our FAQs.

Application already in-process? Log in to keep going.