Incident Response Analyst

This site uses cookies to give you the best, most relevant experience. Using this website means you are OK with this.

Home / All Jobs / Fayetteville / North Carolina / USA

Fayetteville , North Carolina , USA

Atlanta, Georgia, USA
Denver, Colorado, USA
New York, New York, USA
San Antonio, Texas, USA
Washington, District of Columbia, USA

Apply

Job Description

Location: Fayetteville, North Carolina, USA

Job Number: R0094697

Share job via:

Incident Response Analyst

Key Role:

Serve as a technical lead and manager for commercial client tasks, including the assessment, design, and implementation of enterprise security prevention, detection, and response capabilities. Lead a diverse team of analysts in conducting event detection, incident triage, incident handling, and remediation. Handle major, high impact incidents to generate clear, concise recommendations and coordinate activities and professional communications across a range of stakeholders. Work closely with client security teams to develop, tune, automate, and enhance network and host-based security devices. Support the incident response fly away team with managing the response to client cyber intrusions, performing extensive network, and host triage. This position may be located throughout the nation, including San Francisco, CA, San Diego, CA, Los Angeles, CA, Charlotte, NC, Denver, CO, Houston, TX, Dallas, TX, NYC, or the DC Metro area and will require travel of up to 80% of the time to client sites.

Basic Qualifications:

-4+ years of experience with Digital Forensic or Incident Response

-Knowledge of security technologies, including IDS/IPS, SIEM, Log Management, or Endpoint and response

-Knowledge of cloud environments, including, AWS, Azure, or GCP

-Knowledge of incident management and response activities across the incident life cycle

-Knowledge of security tools and techniques used by cybersecurity teams

-Ability to travel up to 80% of the time

-BA or BS degree

Additional Qualification:

-Experience with performing anomaly or malware hunts using a common framework and standard methodology, including the MITRE ATT&CK framework

-Experience with conducting digital memory acquisition using Volatility, Rekall, or similar tools and extracting malicious binaries for analysis

-Experience with performing static code analysis, including dissecting suspicious subroutines in assembly

-Experience with scripting languages, including Perl or Python in the context of incident response and security operations

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.

#LI-AH1

Apply

Not ready to apply? Join our talent community and sign up for job alerts.

About Us

At Booz Allen, we believe that your talents are the gateway to tomorrow. Working at the leading-edge of artificial intelligence, data science, digital transformation, cybersecurity, engineering, and health and science, we uncover and solve the emerging challenges of our time. Ours is a culture of innovation, rooted in a collective desire to make a lasting impact that you will realize. The skills you’ll bring to our team, coupled with the unparalleled missions you’ll serve, will shift the way the world works and lead us into the future. Change is within reach—and it all starts with you.

If you are an individual with a disability and would like to request a reasonable workplace accommodation for any part of our employment process, please send an email to disability-accommodations@bah.com. Please indicate the specifics of the assistance needed. This option is reserved only for individuals who are requesting a reasonable workplace accommodation. It is not intended for other purposes or inquiries. We’re an EOE that empowers our people no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status or other protected characteristic to fearlessly drive change.