Job Description: Job Number: R0053146
Cyber Threat Analyst, Lead
Work as part of a team that develops and implements world-class Cybersecurity capabilities for leading commercial businesses across industries, including financial, health, and manufacturing. Develop security content, including signatures, rules, searches, alerts, and reports to identify suspicious and malicious activity across the client's technology ecosystems, including SIEM, Splunk, Endpoint Detection (EDR), Intrusion Detection (IDS/IPS), Data Loss Prevention (DLP), security sensors, and other analytic technologies. Work with security operations teams to update and maintain the security content, incorporating feedback to improve detection logic and alert quality. Research emerging threat actor tactics, techniques, and procedures (TTPs) and incorporate threat intelligence into new security content. Perform proactive threat hunts to identify gaps in current detection methods and develop improved analytic methods that can be employed to enhance threat detection quality.
3+ years of experience with configuring alerts and developing content in analytic technologies, including Splunk, QRadar, ArcSight, or Hadoop
Experience with configuring security sensing technologies, including DLP, EDR, Tanium, FireEye HX, or CrowdStrike, firewalls, IDS, or Web and e-mail proxies
Knowledge of security threats and detection techniques
Ability to address and solve complex problems and client challenges
Ability to self-manage and prioritize work activity
Ability to travel to the client site up to 75% of the time
BA or BS degree
Experience with scripting languages, including Python
Experience with Splunk search
Knowledge of Windows and *Nix
Possession of excellent oral and written communication skills
BA or BS degree in CS, IT, or a related field
We're an EOE that empowers our people, no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic, to fearlessly drive change.
Booz Allen Hamilton Inc.