Incident Response Engineer, Senior in Herndon, VA at Booz Allen Hamilton Inc.

Date Posted: 11/26/2018

Job Snapshot

  • Employee Type: Full-Time
  • Location: Herndon, VA
  • Experience: Not Specified

Job Description

Job Number: R0020808

Incident Response Engineer, Senior

Key Role:

Support incident response team analysts and other engineers to determine which log types have the most value for their analytics and detection. Analyze tools, processes, and procedures for responding to Cyber intrusions and come up with new methods for detecting Cyber adversaries. Deploy new monitoring infrastructure to aid the incident response team and ensure the organization has the proper Cybersecurity detection mechanisms in place. Develop and deploy new tools on the fly to assist with the detection of adversaries and meet the needs of incident response analysts.

Basic Qualifications:

- 8+ years of experience with digital forensics, incident response, or information security analysis
- Experience with using Windows, Linux, and MacOS and basic internal protocols, including TCP/IP
- Experience with host-based forensic analysis and techniques
- Experience with creating automated log correlations in Splunk, ELK, or an equivalent tool used to identify anomalous and potentially malicious behavior
- Knowledge of configuring and implementing technical security solutions, including SIEM, IDAM, IDS/IPS, EDR, vulnerability management or assessment, malware, or forensics
- TS/SCI clearance with a polygraph
- BA or BS degree in IT, CS, or Cyber

Additional Qualifications:

- Experience with a common scripting or programming language, including Perl, Python, Bash, or PowerShell
- Experience with tools that include Carbon Black, Tanium, ArcSight, Splunk, and Snort
- Experience with commonly used forensic toolsets, including EnCase, FTK, or BlackLight
- Active Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), GIAC Certified Incident Handler (GCIH), GIAC Reverse Engineering Malware (GREM), GIAC Certified Forensic Examiner (GCFE), or GIAC Certified Forensic Analyst (GCFA) certification

Clearance:

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; TS/SCI clearance with polygraph is required.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status—to fearlessly drive change.
