Incident Response Analyst, Mid
Job Number: R0151480
Incident Response Analyst, Mid
Key Role:
Resp ond to and resolve cyber security incidents, and proactively prevent reoccurrence of these incidents. Apply specific functional knowledge, including working or general industry knowledge. Develop or contribute solutions to a variety of problems of moderate scope and complexity. This position is open to remote delivery from any location in the U.S., to include the District of Columbia.
Basic Qualifications:
- 3+ years of experience in an incident response team or computer investigative role
- Experience c ond ucting highly te chn ical examinations, analysis, and reporting of computer-based evidence for security incidents or investigations
- Experience documenting incidents from initial detection through final resolution
- Knowledge of information security, threats, attacks, vulnerabilities, te chn iques, and exploits, including the security threat landscape
- Knowledge of incident response processes, including detection, triage, incident analysis, remediation, and reporting; and digital investigations, including computer forensics, network forensics, eDiscovery, malware analysis or memory analysis
- Ability to secure handling of digital evidence and matter confidentiality
- Ability to analyze data, including logs or packets captures, from various sources within the enterprise, and draw conclusions regarding past and future security incidents
- Ability to coordinate with and act as subject matter expert to resolve incidents by working with other information security spe cia lists to correlate threat assessment data to maintain and expand information security metrics
- TS / SCI clearance
- HS diploma or GED
Additional Qualifications:
- Experience in incident response processes, including detection, triage, incident analysis, remediation, and reporting
- Experience in digital investigations, including computer forensics, network forensics, eDiscovery, malware analysis or memory analysis
- Knowledge of programming and scripting, including Python, Perl, Bash, PowerShell, or C++
- Knowledge of Windows, Mac and Linux operating systems, and Cloud platforms
- Ability to discover and support new analytic methods for detecting threats
- Ability to provide process improvements suggestions to customers
- Ability to author clear and concise reports
- SANS certification, including GIAC, GCIH, GCFE, GCFA, GNFA, GCTI, GREM, GRID, EnCE, EnCEP, ACE, CFCE, CCE, ECIH, or CHFI
Clearance:
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information ; TS / SCI clearance is required.
Compe nsa tion:
At Booz Allen, we celebrate your contributions, provide you with opportunities and choice, and support your total well-being. Our comprehensive benefit offerings include healthcare, retirement plan, insurance programs, commuter program, employee assistance program, paid and unpaid leave programs, education assistance, and childcare benefits.
The salary for this position will be determined based on various factors. The proposed salary range for this position in Colorado is 71,900 to 133,500.
We're an equal employment opportunity/affirmative action employer that empowers our people to fearlessly drive change - no matter their race, color, ethnicity, religion, sex (including pregnancy, childbirth, lactation, or related medical conditions), national origin, ancestry, age, marital status, sexual orientation, gender identity and expression, disability, veteran status, military or uniformed service member status, genetic information, or any other status protected by applicable federal, state, local, or international law.