This site uses cookies. To find out more, see our Cookies Policy

Cybersecurity Architect Engineer, Lead in Fort Bragg, NC at Booz Allen Hamilton Inc.

Date Posted: 3/25/2019

Job Snapshot

Job Description

Job Number: R0046537

Cybersecurity Architect Engineer, Lead

The Challenge:

Are you ready to take an active role in Cyber defense? Are you looking for an opportunity to protect critical infrastructure from the constant onslaught of Cyber attacks? If you want to sharpen your skills by analyzing threats real-time, you want to be a Tier 2 SOC analyst.

As the lead for our Computer Network Defense (CND) Security Operations Center (SOC) team, you’ll architect Cybersecurity incident response solutions and monitor strategies and analyze threats using state-of-the-art tools like HBSS, Splunk, ESM, NSM, Netflows, IDS, StealthWatch, and ForeScout. Leveraging your leadership and management abilities, you’ll facilitate stand-ups with the team, work with staff on personal and professional development plans, coordinate team training and exercises, and act as the primary point-of-contact and advisor to the government for metrics reporting, issue or challenge identification, mitigation, and elimination, briefings or presentations, and conflict resolution. You’ll use your Cybersecurity skills to provide the SOC analyst Tier 2 functions of deep-dive incident analysis by correlating data from various sources, including determining if a critical system or data set has been impacted, advising on remediation, and supporting new analytic methods for detecting threats. Conduct the incident handling functions of containment, eradication and recovering, close out reports and lessons learned, and escalate to a Tier 3 analyst or SOC manager for malware analysis or adversity hunt mission. Review alerts to determine relevancy and urgency and communicate alerts to agencies regarding intrusions to the network infrastructure, applications, and operating systems. Create trouble tickets for alerts that signal an incident and require Tier 3 or malware analysis and hunt team responses. Collaborate with other teams to assess risk and develop improvement strategies for security posture. Monitor open source channels, including vendor sites, computer emergency response teams, systems admins, the Audit, Network, and Security (SANS) Institute, and security. Focus on maintaining current knowledge of CND threat conditions and determine which security issues may have an impact on the enterprise. Collect intrusion artifacts, including source code, malware, and Trojans and use discovered data to enable mitigation and write and publish CND guidance and reports, including engagement reports on incident findings to appropriate constituencies. Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts, correlate incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation

You’ll work with the team to understand, mitigate, and respond to threats quickly, restoring operations and limiting the impact. You’ll manage efforts to figure out just how many systems are affected and assist recovery efforts. You’ll combine threat intelligence, event data, and assessments from recent events, and identify patterns to understand attackers’ goals to stop them from succeeding. This is a great opportunity to build your Cybersecurity skills with hands on experience in threat assessment and incident response. Join us as we protect clients from malicious actors.

Empower change with us.

Build Your Career:

Rewarding work, fun challenges, and a ton of investment in our people—that’s Booz Allen Cyber. When you join Booz Allen, we’ll help you develop the career you want.

Competitions — From programming competitions at our PyNights (Python competition and learning events) to competing in CTFs, we’ve got plenty of chances for you to show off your skills.

Paid Research — Have an innovative idea to explore or hypothesis to test? You can participate in challenges via our crowdsourcing platform, the Garage, and other programs to be awarded dedicated time and/or funding to advance your skills.

Cyber University — CyberU has more than 5000 instructor-led and self-paced cyber courses, a free online library that you can access from just about anywhere—including your phone—and certification exam prep guides that include practical assessments to prepare you for your exam.

Academic Partnerships — In addition to our tuition reimbursement benefit, we’ve partnered with University of Maryland University College to offer two graduate certificate programs in Cybersecurity—fully funded without a tuition cap.

Maker/Hackerspaces — Race drones, print 3D gadgets, drink coffee from our Wi-Fi coffee maker, and get hands-on training on tools and tech from in-house experts in our dedicated maker and hackerspaces.

You Have:

-7 years of experience as an information assurance specialist

-TS/SCI clearance

-BS degree or 7 years of experience with information assurance

-8570 Level II Certification, including Security+ CE, Systems Security Certified Practitioner (SSCP), or CompTIA Advanced Security Practitioner (CASP)


Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; TS/SCI clearance is required.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.


Your Career is Waiting.

Get job alerts. Learn about new work and upcoming events. Share open roles with friends and colleagues.
Our Talent Network is your opportunity hub.

Get Answers and Access.

Need more information? Find it in our FAQs.

Application already in-process? Log in to keep going.