Incident Response Threat Hunter
GBR, Cambridgeshire (Home), United Kingdom
Booz Allen Hamilton
We transform missions with tomorrow’s technologies to advance the country’s most critical civil, defense, and national security priorities.The Opportunity:
Are you looking for a threat hunter role, detecting cyber threats in support of active forensic investigations. Cyber threats are evolving, when perimeter security and automated protection aren’t enough networks are compromised, information is accessed, data is exfiltrated, backups are wiped and ransomware is deployed, locking up an entire organization. Are you looking to join our threat detection and response team in performing active threat hunting to assist organizations recover from cyber incidents.
We’re looking for CND and CNO specialists who can think like a cyber attacker to figure out how security measures were circumvented by threat actors. This is an opportunity to use your analytical skills and gain endpoint detection and response experience to identify indicators of compromise. You will work in concert with incident response analysts actively engaged in forensic investigations.
Join us. The world can't wait.
You Have:
Experience with EDR platforms, including Carbon Black, SentinelOne, CrowdStrike, or Defender for Endpoint
Experience with conventional network- and host-based intrusion analysis, digital forensics, or handling malware
Experience with hunt teams, cyber threat intelligence, incident response, or security operations teams
Knowledge of security principles, including MITRE ATT@CK framework, threat landscapes, or attacker TTPs
Knowledge of Microsoft Windows, UNIX, and Mac
Knowledge on Security Tools in Application, Data, Networks, and Endpoint layers
Ability to leverage internal and external resources for research threats, vulnerabilities, and intelligence on various attackers and attack infrastructure
Ability to identify anomalous behavior on endpoint devices or network communications
HS diploma or GED
Nice If You Have:
Experience with digital forensics on host or network from a malware perspective
Knowledge of network communications, routing protocols, regulatory standards and compliance requirements, and common internet applications and standards
Knowledge of native system and network policies
GIAC Reverse Engineering Malware (GREM), GIAC Certified Forensic Analyst (GCFA), GIAC Network Forensics Analyst (GNFA), Offensive Security, including OSCP and OSCE, or a related Certification
Commitment to Non-Discrimination
All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, local, or international law.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Carbon Black CND Compliance CrowdStrike DART EDR Forensics GCFA GIAC GNFA GREM Incident response Malware Offensive security OSCE OSCP Reverse engineering Threat detection Threat intelligence TTPs UNIX Vulnerabilities Windows
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.