Cyber Threat Analyst in Blue Ash, OH at Booz Allen Hamilton Inc.

Date Posted: 8/3/2018

Job Snapshot

Job Description

Job Number: R0034559

Cyber Threat Analyst

Key Role:
Work as a member of a 24x7x365 Threat Intelligence Center (TIC) responsible for identifying malicious threat actors, thwarting hackers, and preventing data breaches, acting as a security advocate for clients. Conduct highly detail-oriented work that involves security threat analysis and working with clients to remediate security issues. Validate and characterize threats, collaborate with others, when needed, and perform daily incident detection and response operations. Collect host-based artifacts and perform forensic analysis to determine if the asset has been compromised. Identify compromised computers using computer-centric evidence sources, including logs and live responses, then form accurate and precise real-time host-centric analysis, including live response, digital forensics, malware analysis, or log-centric analysis (SIEM), as needed. Analyze and assess security incidents and escalate to client resources or the appropriate teammates or internal teams for additional assistance. Present analysis to other analysts for review, fine tuning, and feedback, work with the Threat Intelligence team to fine tune signatures, and assist the Incident Response team with the incident response process. This position will require travel of up to 50%.
 

Basic Qualifications:

-Ability to document findings to report or escalate Cyber incidents to customers and management clearly and concisely

-Ability to work well both independently and in a team environment

-Ability to work a Panama Schedule day shift from 6 am - 6 pm in a 24x7x365 environment

-Ability to travel 10-50% or more of the time


Additional Qualifications:

-Experience with network-centric analysis (NSM) and deploying and scripting detection solutions with Bro-ID

-Experience with host-based detection and prevention suites, incluing McAfee EPI, OSSEC, Yara, MIR, CarbonBlack, and Tanium

-Experience with IT infrastructure, including system or application vulnerabilities and exploitation and operating systems, including Windows, *Nix, and Mac

-Knowledge of Splunk and other SIEM technologies

-Knowledge of scripting or programming, including Python, Perl, or C

-Knowledge of APT, Cyber Crime, and other associated tactics

-Possession of excellent critical thinking or problem-solving skills

-Possession of excellent analytical skills

-Possession of excellent oral and written communication skills

-BA or BS degree or 2 years of experience in a professional work environment

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status—to fearlessly drive change.

AFH26, CMCL

Your Career is Waiting.

Get job alerts. Learn about new work and upcoming events. Share open roles with friends and colleagues.
Our Talent Network is your opportunity hub.


Get Answers and Access.

Need more information? Find it in our FAQs.

Application already in-process? Log in to keep going.