Cyber Threat Analyst in Daegu at Booz Allen Hamilton Inc.

Date Posted: 7/5/2018

Job Description

Job Number: R0002535

Cyber Threat Analyst

Key Role:

Support DoD Cybersecurity operations through the analysis of event data and other data sources for indicators of attack and potential network compromise, produce reports, and assist with defensive incident response of Cyberspace operations. Provide technical assessments, strategy, and execution recommendations for Enterprise–level networks within the Army infrastructure. Identify relevant Cyber threats within client environments through real-time analysis of logs and alerts or data, including IDS/IPS, firewall, and proxy log files. Apply knowledge of computer and network architecture to provide analysis during investigations, identifying adversarial activity and methods for future detection and prevention. Use a combination of Open Source research of exploits or vulnerabilities, including Zero–Day, network flow, log review, event correlation, and PCAP analysis to complete investigations. Operate intrusion detection or prevention systems and other point of presence security tools. Develop comprehensive security write–ups which describe security issues, analysis, and remediation techniques to client leadership.

Basic Qualifications:

-Experience with collecting, analyzing, and interpreting qualitative and quantitative data from multiple sources for the purposes of documenting results and analyzing findings to provide meaningful products

-Ability to monitor and analyze logs and alerts from a variety of different technologies, including IDS/IPS, firewall, proxies, and anti–virus across multiple platforms

-Ability to develop specific expertise, discern patterns of complex threat actor behavior, and communicate a comprehension of current and developing Cyber threats

-Ability to leverage online research tools to identify and navigate online forums, specialized Web sites, social media, and traditional sources

-Ability to coordinate and respond to events on all the monitored networks and the systems on those networks

-TS/SCI clearance

-DoD 8570 IAT Level III Certification required, including Active Security+ and CEH

Additional Qualifications:

-Experience with Cybersecurity analysis, incident response, or a related field

-Experience with leveraging all source intelligence analysis

-Experience with HBSS, Splunk, or ArcSight

-Possession of excellent oral and written communication skills in a professional consulting environment

-BA or BS degree in Information Security, CS, or Cyber Security


Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; TS/SCI clearance is required.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status—to fearlessly drive change.

