Booz Allen Hamilton INC. Security Threat Analyst in New York, New York
Work as part of a team developing and implementing world class Cybersecurity capabilities for leading commercial businesses across industries, including financial, health, and manufacturing. Analyze the development of security content, including signatures, rules, searches, alerts, and reports to identify suspicious and malicious activity across the client's technology ecosystems, including SIEM, Splunk, Endpoint Detection (EDR), Intrusion Detection, such as IDS/IPS, Data Loss Prevention (DLP), security sensors, and other analytic technologies. Work with security operations teams to update and maintain security content, including incorporating feedback to improve detection logic and alert quality. Research emerging threat actor tactics, techniques, and procedures (TTPs) and incorporate threat intelligence into new security content. Perform proactive threat hunts to identify gaps in current detection methods and develop improved analytic methods that can be employed to enhance threat detection quality.
- 7+ years of experience with configuring alerts and developing content in analytic technologies, including Splunk, QRadar, ArcSight, or Hadoop
- Experience with configuring security sensing technologies, including DLP, EDR (such as Tanium, FireEye HX, or CrowdStrike), firewalls, IDS, and web and e-mail proxies
- Knowledge of security threats and detection techniques
- Ability to address and solve complex problems and client challenges
- Ability to self-manage and prioritize work activity
- Ability to travel to client site up to 75% of the time
- BA or BS degree
- Experience with scripting languages, including Python
- Experience with Splunk search
- Knowledge of Windows and *nix
- Possession of excellent oral and written communication skills
- BA or BS degree in CS, IT, or a related field
We're an EOE that empowers our people, no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status, to fearlessly drive change.
We are proud of our diverse environment. EOE, M/F/Disability/Vet.