Cyber Threat Analyst

Booz Allen Hamilton has been at the forefront of strategy and technology for more than 100 years. Today, the firm provides management and technology consulting and engineering services to leading Fortune 500 corporations, governments, and not-for-profits across the globe. Booz Allen partners with public and private sector clients to solve their most difficult challenges through a combination of consulting, analytics, mission operations, technology, systems delivery, cybersecurity, engineering and innovation expertise.

Key Role:
Work as a member of a 24x7x365 Threat Intelligence Center (TIC) responsible for identifying malicious threat actors, thwarting hackers, and preventing data breaches, acting as a security advocate for clients. Conduct highly detail-oriented work that involves performing security threat analysis and working with clients to remediate security issues. Validate and characterize threats, collaborate with others when needed, and perform daily incident detection and response operations. Collect host-based artifacts and perform forensic analysis to determine whether an asset has been compromised. Identify compromised computers using logs, live response, and equivalent computer-centric evidence sources, then form accurate and precise real-time host-centric analysis, including live response, digital forensics, malware analysis, or log-centric analysis (SIEM), as needed. Analyze and assess security incidents and escalate to client resources, appropriate teammates, or internal teams for additional assistance. Present analysis to other analysts for review, fine tuning, and feedback; work with the Threat Intelligence team to fine tune signatures; and assist the Incident Response team with the incident response process. This position requires the ability to work a 6am-6pm Panama Schedule day shift in a 24x7x365 environment, with working and non-working days following a pattern of 2 days on, 2 days off, 3 days on, 2 days off, 2 days on, 3 days off. Travel is initially light at approximately 10%, but movement within and up in the organization will require travel of up to 50% or more.

Basic Qualifications:
-Ability to document findings to report or escalate Cyber incidents to customers and management clearly and concisely
-Ability to work well both independently and in a team environment
-Ability to work a Panama Schedule day shift 6 am – 6 pm for a 24x7x365 environment
-Ability to travel 10-50% or more of the time

Additional Qualifications:
-Experience with network-centric analysis (NSM) and deploying and scripting detection solutions with Bro-ID
-Experience with host-based detection and prevention suites, including McAfee EPI, OSSEC, Yara, MIR, CarbonBlack, and Tanium
-Experience with IT infrastructure, including system or application vulnerabilities and exploitation and operating systems, including Windows, *Nix, and Mac
-Knowledge of Splunk and other SIEM technologies
-Knowledge of scripting or programming, including Python, Perl, or C
-Knowledge of APT, Cyber Crime, and other associated tactics
-Possession of excellent critical thinking or problem-solving skills
-Possession of excellent analytical skills
-Possession of excellent oral and written communication skills
-BA or BS degree or 2 years of experience in a professional work environment

Integrating a full range of consulting capabilities, Booz Allen is the one firm that helps clients solve their toughest problems, working by their side to help them achieve their missions. Booz Allen is committed to delivering results that endure.

We are proud of our diverse environment, EOE, M/F/Disability/Vet.