Tier II Security Operations Center Analyst in Fort Bragg, NC at Booz Allen Hamilton Inc.

Date Posted: 10/25/2018

Job Snapshot

Job Description

Job Number: R0038291

Tier II Security Operations Center Analyst

The Challenge:

Are you ready to take an active role in Cyber defense? Are you looking for an opportunity to protect critical infrastructure from the constant onslaught of Cyber attacks? If you want to sharpen your skills by analyzing threats real-time, you want to be a Tier 2 SOC analyst.

As an analyst on our SOC team, you’ll improve monitoring strategies and analyze threats, using state-of-the-art tools like HBSS, Splunk, ESM, NSM, Netflows, IDS, StealthWatch, and ForeScout. You’ll use your Cybersecurity skills to:

  • Provide Security Operation Center (SOC) Analyst Tier 2 functions of deep-dive incident analysis by correlating data from various sources, determine if a critical system or data set has been impacted, advise on remediation, and provide support for new analytic methods for detecting threats
  • Conduct incident handling functions of containment, eradication and recovering, close out reports and lessons learned, escalate to Tier 3 Analyst or SOC Manager for malware analysis or adversity hunt mission
  • Review alerts to determine relevancy and urgency and communicate alerts to agencies regarding intrusions to the network infrastructure, applications, and operating systems
  • Create trouble tickets for alerts that signal an incident and require Tier 3 or Malware Analysis and Hunt Team Response
  • Collaborate with other teams to assess risk and develop improvement strategies for security posture
  • Monitor open source channels, including vendor sites, Computer Emergency Response Teams, SysAdmin, Audit, Network, Security (SANS) Institute, and Security Focus to maintain a current knowledge of Computer Network Defense (CND) threat condition and determine which security issues may have an impact on the enterprise
  • Collect intrusion artifacts, including source code, malware, and Trojans and use discovered data to enable mitigation, write and publish CND guidance and reports, including engagement reports on incident findings to appropriate constituencies
  • Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts, correlate incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation
  • Stay up-to-date with current vulnerabilities, attacks, and countermeasures

You’ll work with the team to understand, mitigate, and respond to threats quickly, restoring operations and limiting the impact. You’ll manage efforts to figure out just how many systems are affected and assist recovery efforts. You’ll combine threat intelligence, event data, and assessments from recent events, and identify patterns to understand attackers’ goals to stop them from succeeding. This is a great opportunity to build your Cybersecurity skills with hands on experience in threat assessment and incident response. Join us as we protect clients from malicious actors.

Empower change with us.

Build Your Career:

Rewarding work, fun challenges, and a ton of investment in our people—that’s Booz Allen Cyber. When you join Booz Allen, we’ll help you develop the career you want.

Competitions — From programming competitions at our PyNights (Python competition and learning events) to competing in CTFs, we’ve got plenty of chances for you to show off your skills.

Paid Research — Have an innovative idea to explore or hypothesis to test? You can participate in challenges via our crowdsourcing platform, the Garage, and other programs to be awarded dedicated time and/or funding to advance your skills.

Cyber University — CyberU has more than 5000 instructor-led and self-paced cyber courses, a free online library that you can access from just about anywhere—including your phone—and certification exam prep guides that include practical assessments to prepare you for your exam.

Academic Partnerships — In addition to our tuition reimbursement benefit, we’ve partnered with University of Maryland University College to offer two graduate certificate programs in Cybersecurity—fully funded without a tuition cap.

Maker/Hackerspaces — Race drones, print 3D gadgets, drink coffee from our Wi-Fi coffee maker, and get hands-on training on tools and tech from in-house experts in our dedicated maker and hackerspaces.

You Have:

-4 years of experience as an information assurance specialist

-Active TS/SCI clearance

-BA or BS degree or 4 years of experience with information assurance

-8570 Level II Certification, including Security+ CE, Systems Security Certified Practitioner (SSCP), or CompTIA Advance Security Practitioner (CASP)


Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; TS/SCI clearance is required.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status—to fearlessly drive change.

Your Career is Waiting.

Get job alerts. Learn about new work and upcoming events. Share open roles with friends and colleagues.
Our Talent Network is your opportunity hub.

Get Answers and Access.

Need more information? Find it in our FAQs.

Application already in-process? Log in to keep going.