Computer Network Defense/Incident Response Analyst in Arlington, VA at Booz Allen Hamilton Inc.

Date Posted: 2/12/2019

Job Description

Job Number: R0048050

Computer Network Defense/Incident Response Analyst

Key Role:

Apply knowledge of tactical to strategic level intelligence analysis of Cyber threats, vectors, and actors to support Cyber defense and computer network operations. Advise on the uses of forensics, network vulnerability, and malware analysis to conduct both technical analysis of Cyber threats and events and all-source analysis of Cyber threats and their vectors and capabilities. Use both open source data and classified reporting to analyze and document the political, economic, social, and behavioral aspects of malicious Cyber activity and provide situational awareness of local, regional, and international Cyber threats, including attribution analysis of Cyber organizations, programs, capabilities, motivations, and intent to conduct Cyberspace operations. Provide work leadership to junior employees.

Basic Qualifications:

-5 years of experience with information assurance (IA) metrics, data collection methodologies, data collating and reporting in an operational testing environment, Mandiant Incident Response (MIR), FireEye, Cisco WebProxy, Splunk, Bro IDS, Solara, Wireshark, and open or closed source network defense tools or products, vulnerability assessments, results analysis, and recommended risk mitigation solutions, forensic investigation of network intrusion and recreating an incident from information gathered on compromised systems using tools, including EnCase, and incident response, including preparation, detection, containment, eradication, recovery, and follow-up

-Experience with conducting active hunting for network intrusion on a network involving manual packet capture analysis, DNS log review, open source and closed source intelligence analysis

-Experience with creating detailed reports on attack trends and recommended mitigations that are suitable for both senior leaders and technical audiences

-Experience with gathering, analyzing and implementing defenses against Indicators of Compromise (IOC) gathered from open forums, closed forums, mailing lists and directed research

-Knowledge of IA as it relates to operational testing, incident response, and computer network defense

-Knowledge of network attack patterns, detection techniques, trends, threat actors and techniques for defending a network against these attacks

-TS/SCI clearance

-BS degree in CS, Engineering, Mathematics, or Business

-DoD 8570 IAT-II Level Security Professional Certification

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; TS/SCI clearance is required.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.
