Booz Allen Hamilton has been at the forefront of strategy and technology for more than 100 years. Today, the firm provides management and technology consulting and engineering services to leading Fortune 500 corporations, governments, and not-for-profits across the globe. Booz Allen partners with public and private sector clients to solve their most difficult challenges through a combination of consulting, analytics, mission operations, technology, systems delivery, cybersecurity, engineering and innovation expertise.
Corporate Cyber Incident Handler
Interface with the user community of Booz Allen Hamilton to assist them with reports of suspicious or malicious Cyber activity and serve as the first line of the firm’s Cyber defense responsible for identifying and responding to security threats. Deploy customer service expertise in daily duties, including speaking to and corresponding with users of all levels within Booz Allen Hamilton. Demonstrate a moderate knowledge of computer systems, e-mail-based attacks, and security topics and operate in a 12/5 operations center environment responsible for incident confirmation, response, data collection, investigation, and analysis. Leverage knowledge of computer and network architecture to provide analysis during investigations, identifying adversarial activity and methods for future detection and prevention and use a combination of open source research, network and host forensic analyses, log review and correlation, and pcap analysis to complete investigations. Compose and present reports on findings to leadership for intrusion incidents and manage the incident life cycle, ensuring that all investigations are kept current and are completed.
-2+ years of experience with system administration, network engineering, and security engineering
-Knowledge of host and network log sources to apply to investigation, IR methodology in investigations, and the groups behind targeted attacks and their tactics, techniques, and procedures (TTPs)
-Ability to facilitate customer requests regarding Cybersecurity threats and best practices
-Ability to monitor shared mailbox and ticket queues, communicate ownership and next steps within the team, and monitor internal social media for questions and reports pertaining to Cybersecurity
-Ability to communicate effectively under normal and stressful situations
-Ability to work with a team to complete the mission while working well under pressure to rapidly scope and investigate incidents, as needed
-HS diploma or GED
-Experience with performing host or network incident response, malware analysis, or forensics
-Experience with network forensics and intrusion analysis, performing independent research, and reporting on findings
-Knowledge of networking concepts and analysis tools and operating systems, software, and security controls
-Ability to show originality and creativity in problem solving
-Ability to pay strict attention to detail and show a solution orientation
-Ability to learn and adapt quickly
-Ability to be a self-starter, quick learner, and detail-oriented
-Ability to obtain and maintain a security clearance
-Possession of excellent oral and written communication skills
-Possession of excellent analytical, critical thinking, and logic skills
-BA or BS degree in Engineering, CS, Information Security, or Information Systems preferred; MA or MS degree a plus
-Industry Recognized Information Security Certification, including CISSP, Security+, or SANS
Integrating a full range of consulting capabilities, Booz Allen is the one firm that helps clients solve their toughest problems, working by their side to help them achieve their missions. Booz Allen is committed to delivering results that endure.
We are proud of our diverse environment, EOE, M/F/Disability/Vet.