Security Threat Analyst in New York, NY at Booz Allen Hamilton Inc.

Date Posted: 8/5/2018

Job Description

Job Number: R0029969

Security Threat Analyst

Key Role:

Work as part of a team that develops and implements world-class cybersecurity capabilities for leading commercial businesses across industries, including financial, health, and manufacturing. Develop security content, including signatures, rules, searches, alerts, and reports, to identify suspicious and malicious activity across our clients' technology ecosystems, including SIEM, Splunk, Endpoint Detection (EDR), Intrusion Detection (IDS/IPS), Data Loss Prevention (DLP), security sensors, and other analytic technologies. Work with security operations teams to update and maintain the security content, incorporating feedback to improve detection logic and alert quality. Research emerging threat actor tactics, techniques, and procedures (TTPs) and incorporate threat intelligence into new security content. Perform proactive threat hunts to identify gaps in current detection methods and develop improved analytic methods that can be employed to enhance threat detection quality.


Basic Qualifications:

-3+ years of experience with configuring alerts and developing content in analytic technologies, including Splunk, QRadar, ArcSight, and Hadoop

-Experience with configuring security sensing technologies, including DLP, EDR, Tanium, FireEye HX, or CrowdStrike, firewalls, IDS, and Web and e-mail proxies

-Knowledge of security threats and detection techniques

-Ability to address and solve complex problems and client challenges

-Ability to self-manage and prioritize work activity

-Ability to travel to client site up to 75% of the time


Additional Qualifications:

-Experience with scripting languages, including Python

-Experience with Splunk search

-Knowledge of Windows and *Nix

-Possession of excellent oral and written communication skills

-BA or BS degree

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status—to fearlessly drive change.

CMCL
