Cyber Threat Analyst in Blue Ash, OH at Booz Allen Hamilton

Date Posted: 3/5/2018

Job Description

Job Number: R0024586

Booz Allen Hamilton has been at the forefront of strategy and technology for more than 100 years. Today, the firm provides management and technology consulting and engineering services to leading Fortune 500 corporations, governments, and not-for-profits across the globe. Booz Allen partners with public and private sector clients to solve their most difficult challenges through a combination of consulting, analytics, mission operations, technology, systems delivery, cybersecurity, engineering and innovation expertise.

Cyber Threat Analyst

Key Role:
Work as a member of a 24x7x365 threat intelligence center. Maintain responsibility for identifying malicious threat actors, thwarting hackers, and preventing data breaches, including acting as a security advocate for clients. Conduct highly detail-oriented work, including security threat analysis and working with clients to remediate security issues. Validate and characterize threats, collaborate with others when needed, and perform daily incident detection and response operations. Collect host-based artifacts and perform forensic analysis to determine if the asset has been compromised. Identify compromised computers using logs, live response, and equivalent computer-centric evidence sources. Provide peer review of both signatures in development and the resulting threat detections, and provide input on new detection strategies and remediation guidance to clients. Develop accurate and precise real-time host-centric analysis, including live response, digital forensics, malware analysis, or log-centric analysis, as needed. Analyze and assess security incidents and escalate to client resources, appropriate teammates, or internal teams for additional assistance. Present analysis to other analysts for review, fine-tuning, and feedback, work with the threat intelligence team to fine-tune signatures, and assist the incident response team with the incident response process.

Basic Qualifications:

-1+ year of experience with IT
-Ability to document findings to report or escalate Cyber incidents to clients and management clearly and concisely
-Ability to work independently and in a team environment
-Ability to work a Panama Schedule day shift from 6 am-6 pm for a 24x7x365 environment
-Ability to travel 10% to 50% of the time

Additional Qualifications:
-Experience in network-centric analysis (NSM) and deploying and scripting detection solutions with Bro-ID
-Experience with host-based detection and prevention suites, including McAfee EPI, OSSEC, Yara, MIR, CarbonBlack, and Tanium
-Experience with IT infrastructure, including system or application vulnerabilities and exploitation and operating systems, including Windows, *Nix, and Mac
-Knowledge of Splunk and other SIEM technologies
-Knowledge of scripting or programming, including Python, Perl, or C
-Knowledge of APT, Cyber crime, and other associated tactics
-Possession of excellent critical thinking or problem-solving skills
-Possession of excellent analytical skills
-Possession of excellent oral and written communication skills
-BA or BS degree or 2 years of experience in a professional work environment

Integrating a full range of consulting capabilities, Booz Allen is the one firm that works by its clients' side to solve their toughest problems and help them achieve their missions. Booz Allen is committed to delivering results that endure.

We are proud of our diverse environment, EOE, M/F/Disability/Vet.

