Booz Allen Hamilton · 3 days ago

Security Operations Center Analyst

McLean, VA

Full-time

Onsite

Mid Level

$54K/yr - $123K/yr

2+ years exp

Wonder how qualified you are to the job?

Maximize your interview chances

ConsultingCyber Security

Growth Opportunities

Insider Connection @Booz Allen Hamilton

Discover valuable connections within the company who might provide insights and potential referrals, giving your job application an inside edge.

Responsibilities

Serve as an Incident Responder and first line of the Firm’s cyber defense, responsible for identifying and responding to security threats.

Operate in an operations center environment responsible for incident confirmation, response, data collection, investigation, and analysis.

Leverage knowledge of computer and network architecture to provide analysis during investigations identifying adversarial activity and methods for future detection and prevention.

Use a combination of open-source research, network and host forensic analysis, log review, and correlation, and PCAP analysis to complete investigations.

Compose and present reports on findings to leadership for intrusion incidents.

Manage incident life cycle ensuring that all investigations are kept up to date and are completed.

Help secure Booz Allen from the constant onslaught of cyber-attacks.

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

CIRT supportCNO supportSOC operationsMicrosoft OfficeCybersecurity knowledgeIT architecture designNIST SP 800-171Ticketing systemIncident responseSecurity clearanceSecurity+ certificationProblem-solvingSelf-drivenIndependent workTeamworkForensic AnalysisScripting Languages (Python)SplunkCustom DashboardsVerbal CommunicationWritten Communication

Required

2+ years of experience with supporting Computer Incident Response Team (CIRT), Cyber Network Operations (CNO), or Security Operations Center (SOC) operations

Experience with using Microsoft Office Suite, including Word, Excel, and PowerPoint

Knowledge of Cybersecurity and IT architecture design and tools

Knowledge of Information Security best practices, such as NIST SP 800-171

Ability to triage, create, update, and document tickets in the authorized ticketing system to initiate the incident response process

Ability to be self-driven, work independently, and handle multiple tasks concurrently

Ability to work in an enterprise team setting

Ability to obtain a security clearance

HS diploma or GED

Security+ Cybersecurity certification