Cybersecurity Operations Engineer and Incident Response Team Lead in Abu Dhabi at Booz Allen Hamilton Inc.

Date Posted: 11/5/2018

Job Snapshot

Job Description

Job Number: R0031419

Cybersecurity Operations Engineer and Incident Response Team Lead

Key Role:

Direct staff, including direct and indirect reports in conducting event detection, incident triage, incident handling, and hunting consulting services throughout the MENA region. Provide thought leadership for client security tool deployment and implementation. Consult and direct Cybersecurity services for intrusion detection systems, firewalls, other boundary protection devices, and any security incident management products deployed in client spaces. Provide staff and clients with training and management activities for intrusion attempts and compromises. Provide briefings for various levels of management regarding ongoing client security incidents and develop and coordinate shift schedules and deployment of staffing within client organizations. Direct the monitoring and analysis of threat network activities and exploit capabilities using multiple open source intelligence assets. Provide guidance and direction on the development and tuning of Cyber rule sets and alerts to enhance detection and prevention zone technologies in client spaces.

Basic Qualifications:

-Experience with incident response and handling 

-Experience in two or more of the following fields: security products and technologies, security engineering, networking protocols and data centers, and security analyses and investigations

-Experience in working with Cybersecurity tools and software, including Splunk, OSSEC, and McAfee security products

-Experience with project management

-BA or BS in Engineering, CS, Information Security, or Information Systems and 5 years of experience in a senior-level IR Analyst, IR Shift Manager, or IR management role or MA or MS degree in Engineering, CS, Information Security, or Information Systems and 3 years of experience in a senior-level IR analyst, IR shift manager, or IR management role

Additional Qualifications:

-Experience with managing a multi-tenant SOC

-Ability to deep dive issues and maintain focus

-Ability to be active in the training, coaching, and development of a team

-Security Certifications, including Security+, CEH, GCIA, GCIH, or CISSP

-Information Systems Security Management Professional (ISSMP) Certification

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status—to fearlessly drive change.


Your Career is Waiting.

Get job alerts. Learn about new work and upcoming events. Share open roles with friends and colleagues.
Our Talent Network is your opportunity hub.

Get Answers and Access.

Need more information? Find it in our FAQs.

Application already in-process? Log in to keep going.