Threat Intelligence Platform Analyst in Durham, NC at Booz Allen Hamilton Inc.

Date Posted: 4/9/2018

Job Snapshot

Job Description

Job Number: R0025892

Booz Allen Hamilton has been at the forefront of strategy and technology for more than 100 years. Today, the firm provides management and technology consulting and engineering services to leading Fortune 500 corporations, governments, and not-for-profits across the globe. Booz Allen partners with public and private sector clients to solve their most difficult challenges through a combination of consulting, analytics, mission operations, technology, systems delivery, cybersecurity, engineering and innovation expertise.


Threat Intelligence Platform Analyst

Key Role:

Apply knowledge of tactical- to strategic-level intelligence analysis of Cyber threats, vectors, and actors in support of Cyber defense and computer network operations. Advise on the use of forensics, network vulnerability, and malware analysis to conduct both technical analysis of Cyber threats and events and all-source analysis of Cyber threats, their vectors, and capabilities. Relay expertise in Anomali or ThreatConnect Threat Intelligence Platform (TIP) implementations with the teams. Leverage strong data integration expertise between multiple intelligence source feeds and Splunk. Provide data analysis expertise to identify trends and patterns. Provide programming expertise for improved automation. Provide effective oral and written communication to interact with constituents and other teams.


Basic Qualifications:

-3+ years of experience with working in the areas of intelligence, information security, network forensics, and threats

-Experience with evaluating systems and network devices and enterprise networks for IA vulnerabilities

-Experience with common network vulnerability or penetration testing methodologies and tools

-Ability to be highly motivated and a self-starter, prioritize assignments, and work in a collaborative Agile team environment

-Ability to obtain a security clearance

-BA or BS degree

-CISSP, CISA, CISM, GIAC, RHCE, CPTE, or CEH Certifications


Additional Qualifications:

-2+ years of experience with Linux and UNIX software development in any of the following languages: Java, Python, or C++

-Experience with analyzing commercial and open source intelligence feeds, adding context, and sharing key findings through executive briefings

-Experience with developing Splunk queries or dashboards

-Experience with relational and NoSQL databases

-Knowledge of a wide variety of security solutions and technologies, including Linux, network architecture, implementation, and configuration, firewall technologies, proxy technologies, anti-virus, spam and spyware solutions, including Gateway and SaaS, and malware or security

-Knowledge on how to enable indicator detection at every point along the kill chain at an expert level

-Ability to develop and implement a company’s Cyber threat intelligence capability, federated across multiple operational units

-Ability to write API integrations and work with a variety of security-related technologies in a dynamic client environment

-Ability to create and support data processing pipelines and storage systems for threat intelligence data

-Possession of excellent analytical skills to make efficient and acceptable decisions


Clearance:

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to sensitive information.

Integrating a full range of consulting capabilities, Booz Allen is the one firm that helps clients solve their toughest problems by their side to help them achieve their missions.  Booz Allen is committed to delivering results that endure.

We are proud of our diverse environment, EOE, M/F/Disability/Vet.

Your Career is Waiting.

Get job alerts. Learn about new work and upcoming events. Share open roles with friends and colleagues.
Our Talent Network is your opportunity hub.


Get Answers and Access.

Need more information? Find it in our FAQs.

Application already in-process? Log in to keep going.