Location: London, London, United Kingdom
Remote Work: Yes
Job Number: R0164041
We're building value and opportunity by investing in cybersecurity, analytics, digital solutions, engineering and science, and consulting. Our culture of innovation empowers employees as creative thinkers, bringing unparalleled value for our clients and for any problem we try to tackle.
Empower People to Change the World®
Key Role:
Apply an advanced understanding of monitoring, analyzing, detecting, and responding to cyber events and incidents within information systems and networks. Contribute to an integrated, dynamic cyber defense and leverage cybersecurity solutions to deliver cybersecurity operational services, including intrusion detection and prevention, situational awareness of network intrusions, security events and data spillage, and incident response actions. Provide leadership and mentoring for junior employees, contribute to the development of innovative principles and ideas, work on unusually complex problems, and provide solutions that are highly creative. Act as leader on large programs and projects that affect the organization's long-term goals and objectives, lead investigations that form part of a wider diverse team of analysts, and conduct event detection, incident triage, incident handling, and remediation. Handle major, high-impact incidents, generate clear, concise recommendations, and coordinate activities and professional communications across a range of stakeholders. Work closely with client security teams to develop, tune, automate, and enhance network and host-based security devices and support the incident response fly-away team with managing the response to client cyber intrusions, performing extensive network and host triage, maintaining strict chain-of-custody, analyzing documentation and reports, and performing remediation, as required.
Basic Qualifications:
Experience with using Microsoft Office Suite, including Word, Excel, and PowerPoint
Knowledge of incident management and response activities across the incident life cycle
Knowledge of security tools and techniques used by cybersecurity teams
Ability to consider technical obstacles and challenges in the broader business context
Ability to manage and mold a team of high-performing junior analysts to overcome new challenges
Ability to adapt communication style and messaging for professionals at all levels
Ability to travel up to 20% of the time to support client needs
Bachelor's degree or 7+ years of experience in a professional work environment in lieu of a degree
Additional Qualifications:
Experience with performing host and network forensics analysis, including using timestamps across different log types to develop authoritative timelines of activity to find evidence of malicious activity
Experience with performing anomaly or malware hunts using a common framework and standard methodology, including the MITRE ATT&CK framework
Experience with conducting digital memory acquisition using Volatility, Rekall, or similar tools and extracting malicious binaries for analysis
Experience with common scripting languages, including Perl or Python in the context of incident response and security operations
Knowledge of Elasticsearch and data visualization tools and methodologies
Knowledge of conducting investigations in AWS, Azure, and Google Cloud
Knowledge of security-related technologies, including IDS/IPS, SIEM, firewalls, Log Management, HIDS/NIDS, proxies, Endpoint Detection and Response, and other enterprise level appliances
Ability to be self-driven, work independently, and handle multiple tasks concurrently
Possession of excellent verbal and written communication skills
GIAC Certified Incident Analyst (GCIA), Certified Computer Security Incident Handler (CSIH), GIAC Network Forensic Analyst (GNFA), GIAC Certified Forensic Analyst (GCFA), CREST Certified Incident Manager, or CREST Certified-Network Intrusion Analyst Certification
EEO Commitment
We’re an equal employment opportunity/affirmative action employer that empowers our people to fearlessly drive change – no matter their race, color, ethnicity, religion, sex (including pregnancy, childbirth, lactation, or related medical conditions), national origin, ancestry, age, marital status, sexual orientation, gender identity and expression, disability, veteran status, military or uniformed service member status, genetic information, or any other status protected by applicable federal, state, local, or international law.
At Booz Allen, we believe that your talents are the gateway to tomorrow. Working at the leading-edge of artificial intelligence, data science, digital transformation, cybersecurity, engineering, and health and science, we uncover and solve the emerging challenges of our time. Ours is a culture of innovation, rooted in a collective desire to make a lasting impact that you will realize. The skills you’ll bring to our team, coupled with the unparalleled missions you’ll serve, will shift the way the world works and lead us into the future. Change is within reach—and it all starts with you.
If you are an individual with a disability and would like to request a reasonable workplace accommodation for any part of our employment process, please send an email to disability-accommodations@bah.com. Please indicate the specifics of the assistance needed. This option is reserved only for individuals who are requesting a reasonable workplace accommodation. It is not intended for other purposes or inquiries. We’re an EOE that empowers our people no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status or other protected characteristic to fearlessly drive change.