Cyber Threat Hunter

This site uses cookies to give you the best, most relevant experience. Using this website means you are OK with this.

Home / All Jobs / Washington / District of Columbia / USA

Washington , District of Columbia , USA

Annapolis, Maryland, USA
Atlanta, Georgia, USA
Denver, Colorado, USA
Fayetteville, North Carolina, USA
Jacksonville, North Carolina, USA

Apply

Job Description

Location: Washington, District of Columbia, USA

Job Number: R0099460

Share job via:

Cyber Threat Hunter

The Challenge:

Are you looking for an active role in detecting advanced Cyber threats to our global commercial enterprise networks? Instead of letting the attackers come to us, let’s go find them. Cyber threats are evolving, and perimeter security and automated protection aren’t enough—it’s time to go threat hunting. We’re looking for computer network defense (CND) and computer network operations (CNO) specialists who can think like a Cyber attacker to figure out how to circumvent security measures. This is an opportunity to use your analytical skills and gain network defense experience. You’ll learn to rapidly prototype and build scripts to create haystacks where you’ll sift through the false positives to find patterns and indicators. Learn from our team of Cybersecurity experts as you find the adversary in the Security Event Information Management (SEIM)'s blind spot to help the government close the gaps and harden their network. This is a chance to think differently about Cyber defense, use completely new tools and approaches, and develop the next generation of security analytics. Let’s outsmart the adversary and protect our national security for our government clients.

You Have:

-Experience with IT infrastructure

-Experience with operational security, including security operations center (SOC), incident response, malware analysis, or IDS and IPS analyses

-Knowledge of the TCP/IP networking stack or network IDS technologies

-Ability to work with client deliverables and requirements

-BA or BS degree

Nice If You Have:

-Experience with regular expression and scripting languages, including Python or PowerShell

-Experience with Windows Enterprise security or systems administration

-Experience with SIEM and SOC, including Qradar, Splunk ES, or ArcSight

-Experience with scripting, including PowerShell, Python, or REST APIs

-Experience with forensic tools, including FTK and Encase

-Experience with endpoint telemetry, including Carbon Black, HX, Falcon, or Endgame

-Experience with network hunting, including Bro Logs, Netflow, PCAP, or PaloAlto firewalls and proxies

-Experience with offensive tools, including Mimikatz, Metasploit, and Empire

-Knowledge of Windows OS and PowerShell or command line

-Knowledge of endpoint incident response and forensics

-Knowledge of the Splunk search language, search techniques, alerts, dashboards, and report building

-GCFA, GCFE, GREM, GNFA, or OSCP Certification

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.

Apply

Not ready to apply? Join our talent community and sign up for job alerts.

About Us

At Booz Allen, we believe that your talents are the gateway to tomorrow. Working at the leading-edge of artificial intelligence, data science, digital transformation, cybersecurity, engineering, and health and science, we uncover and solve the emerging challenges of our time. Ours is a culture of innovation, rooted in a collective desire to make a lasting impact that you will realize. The skills you’ll bring to our team, coupled with the unparalleled missions you’ll serve, will shift the way the world works and lead us into the future. Change is within reach—and it all starts with you.

If you are an individual with a disability and would like to request a reasonable workplace accommodation for any part of our employment process, please send an email to disability-accommodations@bah.com. Please indicate the specifics of the assistance needed. This option is reserved only for individuals who are requesting a reasonable workplace accommodation. It is not intended for other purposes or inquiries. We’re an EOE that empowers our people no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status or other protected characteristic to fearlessly drive change.