Incident Response Analyst in Chantilly, VA at Booz Allen Hamilton Inc.

Date Posted: 10/31/2018

Job Snapshot

Job Description

Job Number: R0041361

Incident Response Analyst

Key Role:

Serve as an incident response analyst and maintain responsibility for identifying and responding to security threats. Maintain responsibility for incident confirmation, response, data collection, investigation, and analysis. Leverage knowledge of computer and network architecture to provide analysis during investigations, identifying adversarial activity and methods for future detection and prevention. Use a combination of open source research, network and host-based forensic analysis, log review and correlation, and pcap analysis to complete investigations. Compose and present reports on findings to leadership for intrusion incidents. Manage incident life cycle, ensuring that all investigations are kept current and are completed. Leverage excellent oral and written communication capabilities for incident response documentation, work using standard operating procedures, and exhibit flexibility to work beyond the standard daytime working hours when situations warrant.

Basic Qualifications:

-Experience with system administration, network engineering, and security engineering

-Experience with performing host or network incident response, malware analysis, or forensics

-Experience with working in a Computer Incident Response Team (CIRT), Computer Security Incident Response Center (CSIRC), or Security Operations Center (SOC)

-Knowledge of host and network log sources to apply to investigation and IR methodology in investigations

-Knowledge of networking, malware analysis, intrusion analysis, infection vector identification, and forensics

-Ability to work as a team player to analyze activity on a complex network and its end points with the goal of protecting the confidentiality, integrity, and availability of systems and data

-Ability to learn and adapt quickly

-Ability to obtain a security clearance

-BA or BS degree or 4+ years of experience with equivalent Cyber work

-CompTIA Net+, CompTIA A+, CompTIA Security+, GIAC Certified Incident Handler (GCIH), CISSP, or EC-Council Certified Incident Handler (ECIH) Certification

Clearance:

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status—to fearlessly drive change.

Your Career is Waiting.

Get job alerts. Learn about new work and upcoming events. Share open roles with friends and colleagues.
Our Talent Network is your opportunity hub.


Get Answers and Access.

Need more information? Find it in our FAQs.

Application already in-process? Log in to keep going.