Incident Response Design and Operations Lead in Annapolis Junction, MD at Booz Allen Hamilton Inc.

Date Posted: 3/28/2018

Job Description

Job Number: R0012155

Booz Allen Hamilton has been at the forefront of strategy and technology for more than 100 years. Today, the firm provides management and technology consulting and engineering services to leading Fortune 500 corporations, governments, and not-for-profits across the globe. Booz Allen partners with public and private sector clients to solve their most difficult challenges through a combination of consulting, analytics, mission operations, technology, systems delivery, cybersecurity, engineering and innovation expertise.

Incident Response Design and Operations Lead

Key Role:

Serve as a subject matter expert and manager for commercial Client-facing tasks, including the assessment, design, and implementation of a variety of enterprise security prevention, detection, and response capabilities. Lead consulting engagements that assess, recommend, enhance, implement, and monitor a variety of security tools spanning multiple capabilities, including intrusion detection and prevention and security analytics, perform retrospective anomaly and malware detection leveraging Client-facing tools, and design and implement capabilities to integrate multiple sources of threat intelligence into various security tools. Work closely with client security teams to develop, tune, automate, and enhance network- and host-based security devices and support the incident response fly-away team with managing the response to client Cyber intrusions, performing extensive network and host triage, maintaining strict chain-of-custody, developing documentation and reports, and performing remediation, as required. Maintain responsibility for a hands-on leadership role, mentoring, training, and retaining staff with a wide range of skill sets and backgrounds. This position will require extensive travel to high-profile commercial client sites throughout the US, up to 80% of the time.

Basic Qualifications:

-5+ years of experience with incident response, security operations, or Cybersecurity

-2+ years of experience with leading staff in project or task delivery

-Experience with SIEMs, including designing or developing dashboards or correlation logic

-Experience with using network security devices, including IDS and IPS

-Knowledge of security capability development and architecture, security analytics and analytics tools, Cyber threat intelligence, and incident response

-Knowledge of offensive and defensive host and network security techniques

-Knowledge of common network and host security technologies

-Ability to support multiple tasks

-Ability to travel up to 80% and often on short notice

-Ability to obtain a security clearance

Additional Qualifications:

-Experience with a management or technical lead position within a security operations center or incident response team

-Experience with Fortune 100 or in-house consulting

-Experience with performing large scale incident response engagements

-Experience with performing anomaly or malware hunts

-Experience with analyzing network and host logs to identify outliers and anomalies

-Experience with scripting languages

-Experience with implementing and maintaining network security devices

-Experience with malware analysis, including static and dynamic analysis

-Knowledge of Cyber threat intelligence processes

-Knowledge of the Windows file system and areas of persistence

-BA or BS degree, MA or MS degree, or experience in a related field of work

-GCIA, GCIH, or CISSP Certifications


Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information.

Integrating a full range of consulting capabilities, Booz Allen is the one firm that helps clients solve their toughest problems, working by their side to help them achieve their missions. Booz Allen is committed to delivering results that endure.

We are proud of our diverse environment, EOE, M/F/Disability/Vet.

