Fort Belvoir, VA
Strategy – Planning
At Booz Allen, we harness our collective ingenuity to solve our clients’ toughest management and technology problems. We work with governments, Fortune 500 corporations, and not-for-profits around the globe, in industries ranging from defense to health, energy to international development. We believe there is no product, code, or strategy that can create progress; only people can. That’s why for more than 100 years we’ve empowered our team: over 24,000 dreamers, drivers, and doers who work together to change the world.
Job Number: R*******
Cyber Defense Operations Analyst, Mid
knowledge of tactical to strategic level intelligence analysis of Cyber threats, vectors, and actors in support of Cyber defense and computer network operations. Advise on the uses of forensics, network vulnerability, and malware analysis to conduct both technical analysis of Cyber threats and events and all-source analysis of Cyber threats and their vectors and capabilities. Use both open source data and classified reporting to analyze and document the political, economic, social, and behavioral aspects of malicious Cyber activity. Provide situational awareness of local, regional, and international Cyber threats, including attribution analysis of Cyber organizations, programs, capabilities, motivations, and intent to conduct Cyberspace operations.
- 3+ years of experience with network security
- 1+ years of experience as an information security analyst or engineer
- Knowledge of log management and Security Information and Event Manager (SIEM) tools usage and architecture
- Knowledge of TCP/IP communications and how common protocols and applications work at the network level and network monitoring, analysis, troubleshooting, and configuration control technologies
- Ability to explain current information security threats, including DDoS, botnets, malware, Advanced Persistent Threats (APT), buffer overflows, SQL injection, and phishing
- Ability to develop use cases for detecting malicious and suspicious activity
- Ability to perform work either from 0600-1400 (6am-2pm) or 1400-2200 (2pm-10pm), Monday-Friday
- HS diploma or GED
- Security+ and CEH Certifications
- Experience with working in a 24/7 Security Operations Center (SOC) preferred
- Experience with scripting, including Perl, Python, and PowerShell
- Experience with deploying, configuring, or using log management and SIEM tools, including Splunk, LogRhythm, McAfee ESM, IBM QRadar, and ArcSight Logger and ESM
- Experience with incident response, incident handling, or triage analysis
- Knowledge of using event escalation and reporting procedures and supporting network investigations
- Possession of excellent analytical, critical thinking, logic, and solution-orientation skills
- Possession of excellent oral and written communication skills
- BA or BS degree in Engineering, CS, Information Security, or Information Systems preferred
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; TS/SCI clearance is required.
We’re an EOE that empowers our people – no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status – to fearlessly drive change.
To apply for this job please visit itjobpro.com.