Job Number: R0030281
Security Operations Center Analyst
Are you ready to be the first line of cyber defense for a global defense group supporting a defensive cyber operations (DCO) mission? Are you looking for an opportunity to protect critical infrastructure from the constant onslaught of cyber attacks? If you want to be in the middle of the action and build your skills by responding to threats real-time, you want to be a Tier 1 SOC analyst.
As an analyst on our SOC team, you'll develop network defense skills as you learn to monitor, detect, and analyze threats by interacting directly with affected users and state-of-the-art tools like Splunk. You'll use your cyber security skills to:
- Perform real-time monitoring, analysis, and resolution of identified security incidents and daily operations using SIEM and network sensor grid tools to monitor events from multiple sources, including firewall logs, system logs, network- and host-based intrusion detection systems, applications, databases, and other security information monitoring tools
- Maintain responsibility for network traffic analysis, log analysis, and prioritization and differentiation between potential intrusion attempts and false alarms
- Troubleshoot tickets, including alerts for unreachable devices, devices not reporting events, and miscellaneous hardware and software failures
- Communicate and escalate issues and incidents, as required by process or management
- Perform documentation review and improvement
When an incident is detected, you'll work with the team to collect data to help incident response understand and mitigate the threat. You'll analyze alerts to figure out just how many systems are affected and initiate recovery efforts. You'll contribute to assessments and learn how to analyze patterns to understand attackers' goals to stop them from succeeding. This is a great opportunity to build your cybersecurity skills and learn more about threat assessment and incident response. Join us as we protect our defense clients from malicious actors.
Empower change with us.
Build Your Career:
Rewarding work, fun challenges, and a ton of investment in our people—that's Booz Allen cyber. When you join Booz Allen, we'll help you develop the career you want.
Competitions — From programming competitions at our PyNights (Python competition and learning events) to competing in CTFs, we've got plenty of chances for you to show off your skills.
Paid Research — Have an innovative idea to explore or hypothesis to test? You can participate in challenges via our crowdsourcing platform, the Garage, and other programs to be awarded dedicated time and/or funding to advance your skills.
Cyber University — CyberU has more than 5000 instructor-led and self-paced cyber courses, a free online library that you can access from just about anywhere—including your phone—and certification exam prep guides that include practical assessments to prepare you for your exam.
Academic Partnerships — In addition to our tuition reimbursement benefit, we've partnered with University of Maryland University College to offer two graduate certificate programs in cybersecurity—fully funded without a tuition cap.
Maker/Hackerspaces — Race drones, print 3D gadgets, drink coffee from our Wi-Fi coffee maker, and get hands-on training on tools and tech from in-house experts in our dedicated maker and hackerspaces.
-1+ years of experience with incident handling, forensics, sensor alert tracking, or Cybersecurity case management
-Experience in a NOC or SOC
-Experience with Cybersecurity forensics tools and methodologies
-Experience with network ports and protocols
-Experience with log review and analysis
-BA or BS degree
-DoD 8570 IAT Level II Certification, including Security+ CE
-CND Analyst IA Baseline Certification, including CEH, GCIA, or GCIH
Nice If You Have:
-Experience with Cybersecurity tools, including ArcSight, McAfee HBSS, Splunk, ACAS, or equivalent SIEM tools
-Knowledge of industry, government, and DoD best practices, including awareness of new or revised security solutions and improved security processes
-Knowledge of DoD system solutions to mitigate risk in any activity that potentially impacts the security of existing IT and information management
-Ability to work shifts in a 24x7x365 environment
-Ability to triage SIEM events and determine escalation of indicators
-Ability to apply NIST, federal, and DoD guidelines, policies, directives, and memos as they relate to Cybersecurity
-Possession of excellent analytical, collaboration, and detail skills
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Secret clearance is required.
We're an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.
Apply on company website