Incident Response Analyst, Mid

Key Role:

Respond to and resolve cybersecurity incidents and proactively prevent reoccurrence of these incidents. Apply specific functional, working, and general industry knowledge. Develop or contribute to solutions to a variety of problems of moderate scope and complexity. This position is open to remote delivery anywhere within the U.S., to include the District of Columbia.

Basic Qualifications:

  • 3+ years of experience in an incident response team, including CIRT, or in a computer investigative role
  • Experience with conducting highly technical examinations, analysis, and reporting of computer-based evidence related to security incidents or investigations
  • Experience with documenting incidents from initial detection through final resolution
  • Knowledge of information security, threats, attacks, vulnerabilities, techniques, and exploits, including current security threat landscape
  • Knowledge of incident response processes, including detection, triage, incident analysis, remediation, and reporting, and digital investigations, including computer forensics, network forensics, eDiscovery, malware analysis, or memory analysis
  • Ability to secure handling of digital evidence and matter confidentiality
  • Ability to analyze data, including logs or packets captures, from various sources within the enterprise and draw conclusions regarding past and future security incidents
  • Ability to act as a subject matter expert to resolve incidents by working with other information security specialists to correlate threat assessment data to maintain and expand related information security metrics
  • Top Secret clearance
  • HS diploma or GED

Additional Qualifications:

  • Experience with incident response processes, including detection, triage, incident analysis, remediation, and reporting
  • Experience with digital investigations, including computer forensics, network forensics, eDiscovery, malware analysis, or memory analysis
  • Knowledge of programming and scripting, including Python, Perl, Bash, PowerShell, or C++
  • Knowledge of Windows, Mac, and Linux operating systems and Cloud platforms
  • Ability to discover and support new analytic methods for detecting threats
  • Ability to provide relevant process improvements suggestions to customers
  • Ability to author clear and concise reports
  • SANS, GIAC, GCIH, GCFE, GCFA, GNFA, GCTI, GREM, GRID, EnCE, EnCEP, ACE, CFCE, CCE, ECIH, or CHFI Certification

Clearance:

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Top Secret clearance is required.

Compensation:

At Booz Allen, we celebrate your contributions, provide you with opportunities and choice, and support your total well-being. Our comprehensive benefit offerings include healthcare, retirement plan, insurance programs, commuter program, employee assistance program, paid and unpaid leave programs, education assistance, and childcare benefits.

The salary for this position will be determined based on various factors. The proposed salary range for this position in Colorado is 71,900 to 133,500.

We’re an equal employment opportunity/affirmative action employer that empowers our people to fearlessly drive change – no matter their race, color, ethnicity, religion, sex (including pregnancy, childbirth, lactation, or related medical conditions), national origin, ancestry, age, marital status, sexual orientation, gender identity and expression, disability, veteran status, military or uniformed service member status, genetic information, or any other status protected by applicable federal, state, local, or international law.

Not ready to apply? Join our talent community and sign up for job alerts.