Cyber Defense Incident Responder

Booz Allen Hamilton•Alexandria, VA

2d•$99,000 - $225,000•Remote

About The Position

As a security operations center analyst, you’re in the middle of the action, responding to and mitigating threats in real time. You’re the first line of cyber defense for your organization, and they look to you for guidance on best practices and security measures. We need a Tier 2 SOC analyst like you to help us secure critical infrastructure from the constant onslaught of cyber-attacks for the Army National Guard. As a SOC analyst on our team, you’ll improve monitoring strategies and analyze threats, using state-of-the-art tools. You’ll use your cyber security skills to: Respond to and resolve cybersecurity incidents and proactively prevent reoccurrence of these incidents. Monitor the operation of systems and networks to ensure business continuity. Review the latest alerts to determine relevancy and urgency. Perform scans to identify security vulnerabilities and potential risks and take effective measures to prevent and reduce cybersecurity incidents. Leverage emerging threat intelligence to identify affected systems and scope of the attack. Analyze and identify potential risks, vulnerabilities, and malware. Manage and configure security monitoring tools and determine and direct remediation and recovery efforts. You’ll work with the team to understand, mitigate, and respond to threats quickly, restoring operations and limiting the impact. You’ll guide efforts to figure out just how many systems are affected and assist recovery efforts. You’ll combine threat intelligence, event data, and assessments from recent events, and identify patterns to understand attackers’ goals to stop them from succeeding. This is a great opportunity to hone your cyber security skills with hands-on experience in threat assessment and incident response. Work with us as we secure the Army National Guard enterprise network from malicious actors. Join us. The world can’t wait.

Requirements

4+ years of experience supporting federal agencies, including in cybersecurity or SOC environments
1+ years of experience preparing and delivering weekly, monthly, or quarterly program reports and executive briefings
Ability to coordinate across multiple stakeholders, including government leads, vendors, and technical teams
Top Secret clearance
Bachelor’s degree

Nice To Haves

Experience in program or project management supporting IT or cybersecurity programs with multiple task orders or complex workstreams
Experience supporting federal agencies, including in cybersecurity or SOC environments
Experience contributing to CIO-level briefings or executive dashboards
Experience tracking operational metrics, incident statistics, and performance trends
Experience with project management and reporting tools such as MS Project, Excel, PowerPoint, or Confluence
Knowledge of SOC operations, including incident response, threat monitoring, and security analytics
Knowledge of risk management practices, including maintaining risk registers and mitigation strategies
Ability to work in a fast-paced, deadline-driven environment with minimal oversight
Possession of excellent written and verbal communication skills, including for writing reports and facilitating meetings

Responsibilities

Respond to and resolve cybersecurity incidents and proactively prevent reoccurrence of these incidents.
Monitor the operation of systems and networks to ensure business continuity.
Review the latest alerts to determine relevancy and urgency.
Perform scans to identify security vulnerabilities and potential risks and take effective measures to prevent and reduce cybersecurity incidents.
Leverage emerging threat intelligence to identify affected systems and scope of the attack.
Analyze and identify potential risks, vulnerabilities, and malware.
Manage and configure security monitoring tools and determine and direct remediation and recovery efforts.
Guide efforts to figure out just how many systems are affected and assist recovery efforts.
Combine threat intelligence, event data, and assessments from recent events, and identify patterns to understand attackers’ goals to stop them from succeeding.