Security Operations Center Analyst
Washington, DC

Job Description

Security Operations Center Analyst

The Challenge:

Are you ready to be the first line of Cyber defense for our civil services group? Are you looking for an opportunity to protect critical infrastructure from the constant onslaught of Cyber attacks? If you want to be in the middle of the action and build your skills by responding to threats real-time, you want to be a Tier 1 SOC analyst.

As an analyst on our SOC team, you'll develop network defense skills as you learn to monitor, detect, and analyze threats by interacting directly with affected users and state-of-the-art tools like Splunk. You'll use your Cybersecurity skills to:

* Perform real-time monitoring, analysis, and resolution of identified security incidents and daily operations using SIEM and network sensor grid tools to monitor events from multiple sources, including firewall logs, system logs, network- and host-based intrusion detection systems, applications, databases, and other security information monitoring tools
* Maintain responsibility for network traffic analysis, log analysis, and prioritization and differentiation between potential intrusion attempts and false alarms
* Troubleshoot tickets, including alerts for unreachable devices, devices not reporting events, and miscellaneous hardware and software failures
* Communicate and escalate issues and incidents, as required by process or management
* Perform documentation review and improvement

When an incident is detected, you'll work with the team to collect data to help incident response understand and mitigate the threat. You'll analyze alerts to figure out just how many systems are affected and initiate recovery efforts. You'll contribute to assessments and learn how to analyze patterns to understand attackers' goals to stop them from succeeding. This is a great opportunity to build your Cybersecurity skills and learn more about threat assessment and incident response. Join us as we protect civil services from malicious actors.

Empower change with us.

Build Your Career:

Rewarding work, fun challenges, and a ton of investment in our people-that's Booz Allen Cyber. When you join Booz Allen, we'll help you develop the career you want.

Competitions - From programming competitions at our PyNights, and Python competition and learning events to competing in CTFs, we've got plenty of chances for you to show off your skills.

Paid Research - Have an innovative idea to explore or hypothesis to test? You can participate in challenges via our crowdsourcing platform, the Garage, and other programs to be awarded dedicated time and/or funding to advance your skills.

Cyber University - CyberU has more than 5000 instructor-led and self-paced cyber courses, a free online library that you can access from just about anywhere-including your phone-and certification exam prep guides that include practical assessments to prepare you for your exam.

Academic Partnerships - In addition to our tuition reimbursement benefit, we've partnered with University of Maryland University College to offer two graduate certificate programs in Cybersecurity-fully funded without a tuition cap.

Maker/Hackerspaces - Race drones, print 3D gadgets, drink coffee from our Wi-Fi coffee maker, and get hands-on training on tools and tech from in-house experts in our dedicated maker and hackerspaces.

You Have:

* 2+ years of experience with operating within an enterprise security operations center (SOC)
* Experience with the use of IDS, IPS, or other signature matching technology
* Experience with log aggregation, correlation, and analysis using industry-standard SIEM tools, including Arcsight, Archer, and Splunk
* Experience with reviewing raw log files, data correlation, and analysis, including firewall, authentication, network flow, NAC, and system logs
* Knowledge of TCP/IP and networking concepts
* Knowledge of information security concepts, including malware, emerging threats, attacks, and vulnerability management
* Ability to work night-shift and weekend shifts
* Ability to obtain a security clearance
* HS diploma or GED

Nice If You Have:

* Possession of excellent analytical and interpersonal skills
* Possession of excellent oral and written communication skills
* BS degree in Engineering, CS, or a technical field
* GIAC, GCIH, or GCFE Certifications a plus

Clearance:

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information.

We're an EOE that empowers our people-no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic-to fearlessly drive change.