Apply on Employer Site

Booz Allen Hamilton · 1 week ago

Cybersecurity Incident Handler, Senior

San Antonio, TX

Full-time

Hybrid

Senior Level

$99K/yr - $225K/yr

7+ years exp

Booz Allen Hamilton is seeking a Senior Cybersecurity Incident Handler to join their security operations center. The role involves responding to and mitigating cyber threats, improving monitoring strategies, and guiding recovery efforts to protect critical infrastructure from cyber-attacks.

ConsultingCyber SecurityIT InfrastructureManagement ConsultingSecurity

Growth Opportunities

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Improve monitoring strategies and analyze threats

Work with the team to understand, mitigate, and respond to threats quickly, restoring operations and limiting the impact

Guide efforts to figure out just how many systems are affected and assist recovery efforts

Combine threat intelligence, event data, and assessments from recent events, and identify patterns to understand attackers’ goals to stop them from succeeding

Qualification

Cybersecurity experienceSOC incident responseCloud technologiesCyber threat intelligenceCybersecurity standards knowledgeDoD 8140 Level II CertificationAnalytical skillsCommunication skillsTime management skills

Required

7+ years of experience in cybersecurity

3+ years of experience in a SOC with incident response activities, including analysis of artifacts, writing incident reports, and triaging of security events

Experience in a cybersecurity or computer field, including supporting information assurance, networking, or systems administration

Experience with cloud native technologies across Cloud Service Providers such as AWS Guard Duty, Azure Defender for Cloud, or AWS Macie

Experience with cyber threat intelligence, digital forensics, red teaming, threat hunt, cloud incident response, counterintelligence, and detection engineering

Knowledge of cybersecurity standards and the implementation of industry best practices

Knowledge of external standards, including ISO 22301, ISO 22317, and NIST guidelines such as NIST 800-53 or NIST 800-61

TS/SCI clearance

Bachelor's degree and 3+ years of experience with cyber or IA, or 7+ years of experience with cyber or IA in lieu of a degree

DoD 8140 Level II Certification such as Security+, CySA+, or CISSP Certification

Preferred

Experience using Microsoft Office products

Experience with cyber technologies and capabilities, including continuous monitoring, incident response, advanced threat hunt, ongoing assessments, and secure Cloud and mobile capabilities

Experience with Cloud and DevSecOps

Experience with cybersecurity tools and solutions such as Microsoft Defender for Endpoint, Corelight, Suricata or Snort, Palo Alto and Cisco firewalls, Archer Case Management, ServiceNow, Threat Connect, Splunk Enterprise Security, Splunk SOAR, Cofense, IronPort Mail Gateways, or Microsoft G5 Defender suite

Possession of excellent verbal and written communication skills

Possession of excellent time management and analytical skills