Cyber Incident Response Analyst, Lead in Quantico, VA at Booz Allen Hamilton Inc.

Date Posted: 9/23/2018

Job Description

Job Number: R0033256

Cyber Incident Response Analyst, Lead

Key Role:

Lead a team of operators and analysts in monitoring, detecting, and responding to all malicious activity throughout a client's enterprise network, including classified environments. Provide leadership and oversight for real-time analysis of ongoing information assurance (IA) and computer network defense (CND) events on the enterprise network, including identifying incidents and making recommendations to protect the network. Lead efforts to collect and analyze network and computing events presented via numerous sources to identify and document malicious or unauthorized activity. Analyze and maintain formal security incident response processes and procedures. Contribute to a team of security professionals deploying various techniques to discover and resolve evidence of malicious activity and open vulnerabilities on the enterprise network. Lead specialized teams that conduct defensive Cyber counter-infiltration operations against advanced persistent threats (APTs) within the enterprise network. Provide leadership and supervision to a technical team of up to 40 analysts and operators.

Basic Qualifications:

-8+ years of experience with Cybersecurity or information assurance

-5+ years of experience with Cyber network defense tools, tactics, and techniques in a computer network defense environment

-5+ years of experience with managing personnel in an information assurance environment, including 24 x 7 x 365 shift schedules

-Experience with handling nation-state-level intrusions

-Experience with analyzing and communicating network security issues to peers and management

-Top Secret clearance

-HS diploma or GED

-DoD 8570 IAT Level III Certification, including CISSP, CASP, GCIH, or GCED

-CSSP Analyst or CSSP Incident Responder Certification, including GCIA, CEH, GCIH, or CFR

Additional Qualifications:

-Experience in implementing or assessing compliance with DoD, Department of Navy (DON), or US Marine Corps (USMC) CND policies, regulations, and compliance documents

-Experience with refining event correlation rules and developing custom signatures to enhance network protection

-Experience with requesting, tracking, and validating refinements to an enterprise Security Information and Event Manager (SIEM)

-Ability to adhere to project schedule and recommend changes to maintain positive project outcomes, as necessary

-BA or BS degree in IT or CS

-Professional-level certification in one or more technical fields or computing environments (CEs), including Windows, UNIX, or Red Hat Linux


Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Top Secret clearance is required.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status—to fearlessly drive change.
