Location: Washington, District of Columbia, USA
Remote Work: No
Job Number: R0129625
We're building value and opportunity by investing in cybersecurity, analytics, digital solutions, engineering and science, and consulting. Our culture of innovation empowers employees as creative thinkers, bringing unparalleled value for our clients and for any problem we try to tackle.
Empower People to Change the World®
Key Role:
Supports technical and operational work for client partner agencies with the attribution and identification of new adversary infrastructure. Engages extensively with US partner agencies and documents and develops findings. Provides technical support to client field offices and other intelligence partner agencies. Feeds intelligence community (IC) reporting derived from raw packet capture or NetFlow analysis while developing innovative ways to exploit data. Collaborates actively with law enforcement, counterintelligence, and IC peers to provide a greater comprehension of cyber threats.
Basic Qualifications:
Experience with intelligence analysis
Experience with Splunk or SIEM tools
Knowledge of Advanced Persistent Threats
Ability to use NetFlow traffic to identify malicious behavior
Ability to identify APT traffic and enrich IOCs via IC reporting and databases
Ability to analyze network traffic data for anomalous or malicious content with tools
Ability to think and work independently with minimal supervision
Top Secret clearance
HS Diploma or GED
Additional Qualifications:
Experience with using both Windows and UNIX
Experience with Cyber Threat Reporting, both open and closed source
Experience in development with Python, including Elasticsearch
Experience with building searches and dashboards in Kibana
Experience with finding new and innovative ways of identifying signaturable activity for attribution of CNO activity
Ability to use verbal and written expertise to craft and deliver briefings
Bachelor's degree
Clearance:
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Top Secret clearance is required.
We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.
At Booz Allen, we believe that your talents are the gateway to tomorrow. Working at the leading-edge of artificial intelligence, data science, digital transformation, cybersecurity, engineering, and health and science, we uncover and solve the emerging challenges of our time. Ours is a culture of innovation, rooted in a collective desire to make a lasting impact that you will realize. The skills you’ll bring to our team, coupled with the unparalleled missions you’ll serve, will shift the way the world works and lead us into the future. Change is within reach—and it all starts with you.
If you are an individual with a disability and would like to request a reasonable workplace accommodation for any part of our employment process, please send an email to disability-accommodations@bah.com. Please indicate the specifics of the assistance needed. This option is reserved only for individuals who are requesting a reasonable workplace accommodation. It is not intended for other purposes or inquiries. We’re an EOE that empowers our people no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status or other protected characteristic to fearlessly drive change.