
Cyber Threat Analyst, Mid in Blue Ash, OH at Booz Allen Hamilton Inc.

Date Posted: 4/27/2019

Job Description

Job Number: R0051378

Cyber Threat Analyst, Mid

Key Role:

Work as a member of a 24x7x365 Threat Intelligence Center (TIC) responsible for identifying malicious threat actors, thwarting hackers, and preventing data breaches, acting as a security advocate for clients. Perform highly detail-oriented work that involves conducting security threat analysis and working with clients to provide remediation strategies and guidance.

Validate and characterize threats, collaborating with others when needed, and perform daily incident detection and response operations: collect host-based artifacts and perform forensic analysis to determine whether an asset has been compromised. Identify compromised computers using logs, live response, and equivalent computer-centric evidence sources, then form accurate and precise real-time host-centric analysis, including live response, digital forensics, malware analysis, or log-centric analysis (SIEM), as needed.

Provide input on new detection strategies and remediation guidance to clients; analyze and assess security incidents and escalate them to client resources, appropriate teammates, or internal teams for additional assistance. Present analysis to other analysts for review, fine-tuning, and feedback; work with the Threat Intelligence team to fine-tune signatures and assist the incident response team with the incident response process.

This position requires working a 6am-6pm Panama schedule day shift or a 6pm-6am Panama schedule night shift in a 24x7x365 environment, including working and non-working days/nights following a pattern of 2 days on, 2 days off, 3 days on, 2 days off, 2 days on, 3 days off. Travel is initially light at approximately 10%, but movement within and up in the organization will require travel of up to 50% or more.

Basic Qualifications:

-3+ years of experience with IT

-Ability to clearly and concisely document findings to report and escalate Cyber incidents to customers and management

-Ability to take ownership of analytic work and provide constructive feedback to others

-Ability to work independently and in a team environment

-Ability to work a Panama Schedule day shift 6 am – 6 pm for a 24x7x365 environment

-Ability to travel 10-50% or more of the time

-HS diploma or GED

Additional Qualifications:

-Experience with network-centric analysis (NSM), including reviewing PCAP and TCP streams

-Experience in deploying and scripting detection solutions with Bro IDS

-Experience with host-based detection and prevention suites, including McAfee EPI, OSSEC, Yara, MIR, CarbonBlack, or Tanium

-Experience with IT infrastructure, including system and application vulnerabilities and exploitation, and with operating systems, including Windows, *nix, and Mac

-Knowledge of Splunk and other SIEM technologies

-Knowledge of scripting or programming, including Python, Perl, or C

-Knowledge of APT, cyber crime, and their associated tactics

-Possession of excellent analytical skills

-Possession of excellent oral and written communication skills

-Possession of excellent critical thinking or problem-solving skills

-BA or BS degree or 2 years of experience working in a professional environment

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.
