Incident Response Analyst in Arlington, VA at Booz Allen Hamilton Inc.

Date Posted: 8/10/2018

Job Description

Job Number: R0012900

Incident Response Analyst

Key Role:

Monitor, analyze, and detect Cyber events and incidents within information systems and networks. Consult on integrated, dynamic Cyber defense and leverage Cybersecurity solutions to administer Cybersecurity operational services, including intrusion detection and prevention, situational awareness of network intrusions, security events and data spillage, and incident response actions. Participate in testing, deploying, and administering the infrastructure hardware and software which are required to effectively manage the organization’s Cybersecurity operational services.


Basic Qualifications:

-5+ years of experience with host investigations

-Experience in preserving evidence integrity according to standard operating procedures or national standards, protecting a network against malware, and recognizing and categorizing types of vulnerabilities and associated attacks

-Experience with collecting intrusion artifacts, including source code, malware, and Trojans, and using discovered data to enable the mitigation of potential computer network defense incidents within the enterprise

-Experience with performing real-time computer network defense incident handling, including forensic collections, intrusion correlation or tracking, threat analysis, and direct system remediation tasks to support deployable Incident Response Teams (IRTs)

-Experience with writing and publishing computer network defense guidance and reports on incident findings to appropriate constituencies

-Knowledge of general attack stages, including footprinting and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, and covering tracks

-Knowledge of incident response and handling methodologies

-Ability to obtain a security clearance

-HS diploma or GED

Additional Qualifications:

-Knowledge of different operational threat environments, including first-generation script kiddies, second-generation non-nation-state-sponsored, and third-generation nation-state-sponsored

-Top Secret clearance

-SANS GIAC Certifications, OS Certifications, including Windows and Linux Security+, and CISSP

Clearance:

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status—to fearlessly drive change.
