Cyber Threat Analyst, Mid

Booz Allen Hamilton Inc. Blue Ash , OH 45242

Posted 3 weeks ago

Job Description: Job Number: R0051378

Cyber Threat Analyst, Mid

Key Role:

Work as a member of a 24x7x365 Threat Intelligence Center (TIC) responsible for identifying malicious threat actors, thwarting hackers, and preventing data breaches, acting as a security advocate for clients. Perform highly detail-oriented work that involves conducting security threat analysis and working with clients to provide remediation strategies and guidance. Validate and characterize threats and collaborate with others when needed. Perform daily incident detection and response operations, collect host-based artifacts, and perform forensic analysis to determine whether the asset has been compromised. Identify compromised computers using logs, live response, and equivalent computer-centric evidence sources, then form accurate and precise real-time host-centric analysis, including live response, digital forensics, malware analysis, or log-centric analysis (SIEM), as needed. Provide input on new detection strategies and remediation guidance to clients; analyze and assess security incidents and escalate to client resources, appropriate teammates, or internal teams for additional assistance. Present analysis to other analysts for review, fine-tuning, and feedback; work with the Threat Intelligence team to fine-tune signatures and assist the incident response team with the incident response process.

This position requires working a 6am-6pm Panama schedule day shift or a 6pm-6am Panama schedule night shift in a 24x7x365 environment, including working and non-working days/nights following a pattern of 2 days on, 2 days off, 3 days on, 2 days off, 2 days on, 3 days off. Travel is initially light at approximately 10%, but movement within and up in the organization will require travel up to 50% or more.

Basic Qualifications:

  • 3+ years of experience with IT

  • Ability to clearly and concisely document findings to report and escalate Cyber incidents to customers and management

  • Ability to take ownership of analytic work and provide constructive feedback to others

  • Ability to work independently and in a team environment

  • Ability to work a Panama Schedule day shift, 6 am to 6 pm, in a 24x7x365 environment

  • Ability to travel 10-50% or more of the time

  • HS diploma or GED

Additional Qualifications:

  • Experience with network-centric analysis (NSM), reviewing PCAP and TCP streams

  • Experience in deploying and scripting detection solutions with Bro-ID

  • Experience with host-based detection and prevention suites, including McAfee EPI, OSSEC, Yara, MIR, CarbonBlack, or Tanium

  • Experience with IT infrastructure, including system or application vulnerabilities and exploitation and operating systems, including Windows, *Nix, and Mac

  • Knowledge of Splunk and other SIEM technologies

  • Knowledge of scripting or programming, including Python, Perl, or C

  • Knowledge of APT, Cyber Crime, and other associated tactics, and demonstrated critical thinking and problem-solving skills

  • Possession of excellent analytical skills

  • Possession of excellent oral and written communication skills

  • Possession of excellent critical thinking or problem-solving skills

  • BA or BS degree or 2 years of experience working in a professional environment

We're an EOE that empowers our people, no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic, to fearlessly drive change.

Similar Jobs

Cyber Threat Intelligence Analyst Senior

Booz Allen Hamilton Inc.

Posted 2 months ago

Job Description: Job Number: R0048878

Cyber Threat Intelligence Analyst, Senior

The Challenge:

Everyone knows security needs to be "baked in" to a system architecture, but you actually know how to bake it in. You can identify and implement ways to harden systems and reduce their attack surface. What if you could use your Cyber engineering skills to design and build secure systems for Fortune 500 clients? We're looking for an engineer who can create solutions for clients that will stand up to even the most advanced Cyber threats. As a Cyber threat analyst, you'll conduct technical intelligence analysis, generate reports, and serve as a technical escalation point for internal customers. You'll coordinate work with in-house teams to identify the right mix of tools and techniques to translate your customer's IT needs and future goals into a plan that will enable secure and effective solutions. We need to come up with the best solution, so you'll investigate new techniques, break free from the legacy model, and go where the industry is going. You'll lead the team through a critical approach to network design, providing alternatives and customizing solutions, to maintain a balance of security and business needs. This is a chance to make a difference in the security of Fortune 500 clients. Your technical expertise will be vital as you help customers overcome their most difficult challenges by integrating secure practices like network/endpoint based detection and technical intelligence reporting. You'll be able to broaden your skillset into areas like IDS signature authoring, reverse engineering, and security tool automation while building peace of mind in a critical infrastructure. Join our team, as we improve our clients' security posture through cyber security.

Other responsibilities include analyzing a variety of information and intelligence relevant to the threats facing the systems, assets, and resources critical to the nation and developing relevant research studies and recommendations. Conduct technical intelligence analysis and serve as a technical intelligence resource supporting internal clients. Lead or participate in approved studies and provide additional analysis in response to specific threats and incident reports, as needed. Lead the planning and implementation of large programs in the function and interface regularly with senior management and executive leadership. Provide advice and counsel to the organization in the area of expertise. Work closely with and mentor junior analysts in a Cyber Fusion Center (CFC) environment. Play a role in overall functional strategic planning. Empower change with us.

Build Your Career:

Rewarding work, fun challenges, and a ton of investment in our people: that's Booz Allen Cyber. When you join Booz Allen, we'll help you develop the career you want.

  • Competitions: From programming competitions at our PyNights (Python competition and learning events) to competing in CTFs, we've got plenty of chances for you to show off your skills.

  • Paid Research: Have an innovative idea to explore or hypothesis to test? You can participate in challenges via our crowdsourcing platform, the Garage, and other programs to be awarded dedicated time and/or funding to advance your skills.

  • Cyber University: CyberU has more than 5000 instructor-led and self-paced cyber courses, a free online library that you can access from just about anywhere, including your phone, and certification exam prep guides that include practical assessments to prepare you for your exam.

  • Academic Partnerships: In addition to our tuition reimbursement benefit, we've partnered with University of Maryland University College to offer two graduate certificate programs in Cybersecurity, fully funded without a tuition cap.

  • Maker/Hackerspaces: Race drones, print 3D gadgets, drink coffee from our Wi-Fi coffee maker, and get hands-on training on tools and tech from in-house experts in our dedicated maker and hackerspaces.

You Have:

  • 5+ years of experience with Cybersecurity, threat intelligence, Hunt, Red Team, penetration testing, or traditional intelligence

  • Experience with collecting, analyzing, and interpreting qualitative and quantitative data from multiple sources for the purposes of documenting results and analyzing findings to provide meaningful products

  • Experience with Cyber, computer network operations and manipulation, information operations or information warfare, or topical Cyber expertise

  • Experience with conducting technical intelligence analysis and serving as a technical intelligence resource supporting internal clients

  • Knowledge of malware types, malware analysis tools and procedures, and how to report malware analysis output

  • Knowledge of Linux and Intrusion Detection Systems, including Snort, Suricata, or Bro, Yara, network protocols, or other security tools

  • Ability to write high-quality intelligence assessments and briefings for a senior-level audience and provide a writing sample

  • Ability to develop specific expertise, discern patterns of complex threat actor behavior, and communicate comprehension of current and developing Cyber threats

  • Ability to travel up to 20% of the time

  • BA or BS degree in Information Security or CS or 8 years of experience in working with Cybersecurity

Nice If You Have:

  • Experience with clearly defining complex issues despite incomplete or ambiguous information

  • Knowledge of scripting languages, API functionality, and data access methodologies

  • Ability to operate in a fast-paced work environment, multi-task, and handle truncated delivery deadlines

  • Ability to work closely with and mentor junior analysts in a CFC environment

  • Possession of excellent writing skills

  • Possession of excellent oral and written communication skills

  • MA or MS degree in CS, Information Systems, or a related field a plus

We're an EOE that empowers our people, no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic, to fearlessly drive change.

Booz Allen Hamilton Inc. Blue Ash, OH