Cybersecurity Defense Lead

Key Role:

Serve as part of Booz Allen Hamilton's business in Asia by joining the Cybersecurity management consulting practice and work on transformative engagements for clients in the public and private sectors and across industries, helping clients to build a full range of Cybersecurity capabilities. Work as a core team member on client engagements, developing expertise in security and risk management, solutions architecture and design, data fusion, information security strategy, and engineering. Conduct interviews with C-suite business leaders and technology leaders, internal client stakeholders, and external clients, suppliers, and competitors, as needed and support engagement managers in identifying data sources and relevant information security techniques and solutions, performing the appropriate analyses and design and presenting findings. Demonstrate the potential to comprehend, analyze, and solve complex engineering and technology challenges, apply knowledge of basic engineering and technology tools, and develop and implement approaches, solutions, frameworks, and standards. Deal with ambiguity, work with commitment, demonstrate an excellent work ethic, and leverage flexibility in supporting the overarching business across roles and functions, including across markets on strategy, digital, and data science engagements, as needed. Apply experience with a steep learning curve, work in a dynamic start-up environment with multicultural, cross-functional teams, and leverage knowledge of monitoring, analyzing, detecting, and responding to Cyber events and incidents for information systems and networks. 
Advise and design integrated, dynamic Cyber defenses; leverage Cybersecurity solutions to deliver Cybersecurity operational services, including red teaming software development, threat hunting, intrusion detection and prevention, situational awareness of network intrusions, security events and data spillage, and incident response actions; test, implement, deploy, and operate the infrastructure hardware and software required to manage the organization’s Cybersecurity operational services effectively; and provide work leadership for other Cyber employees.

Basic Qualifications:

-10+ years of experience with Cybersecurity or technology consulting

-5+ years of experience with incident detection and response, malware analysis, or Cyber forensics

-Experience with SOC and NOC operations, kill chain analysis for incident response, and relevant security technologies, including SIEM, IDS and IPS, EDR, and HBSS

-Experience in analyzing and synthesizing Cyber and log information with other relevant data sources, providing guidance and mentorship to others in Cyber threat analysis and operations, evaluating, interpreting, and integrating other sources of information, and fusing computer network attack analyses with other threat intelligence data sources

-Experience with analyzing network traffic, large sets of log data, and other relevant security data for breach analysis

-Experience with using the NIST CSF and similar frameworks for Cybersecurity evaluations

-Experience with Cybersecurity, information security management, and IT controls, including ISO 27000 series or CoBIT

-Knowledge of at least two of the following: network traffic analysis, Cyber threat, Cyber adversary techniques, log aggregation and correlation, or scripting techniques

-Ability to display oral and written fluency in English

-BS or BE degree

Additional Qualifications:

-8+ years of experience with Cyber threat intelligence, malware analysis, Cyber forensics, or vulnerability research

-Experience with Cybersecurity technologies, including SIEM, IDS and IPS, EDR, HBSS, packet capture solutions, or IOC discovery tools

-Experience with developing hypotheses and data models for Cyber Threat Intelligence (CTI)

-Experience with applying Cyber threat intelligence research and analysis to incident analysis

-Experience with low-level software programming to test the defenses of devices and enterprises

-Experience with the Cybersecurity and vulnerabilities of integrated control or SCADA systems

-Knowledge of Cybersecurity information systems and operations strategy, including computer network defense, technology evaluation data, information assurance, or advanced Cyber analytics

-Knowledge of control system protection in the land transport or energy sector domains

-Ability to display fluency in regional languages, including Bahasa or Telugu, a plus

-BS or BE degree in EE or a Cybersecurity-related field

-CISSP, CSX, CISA, CISM, or CEH Certification

-OSCP or CREST Certification

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.
