
Cyber Threat Intelligence Analyst
| Field | Detail |
|---|---|
| Company | Booz Allen |
| Location | Washington, DC, USA |
| Salary | $86800 – $198000 |
| Type | Full-Time |
| Degrees | Bachelor’s |
| Experience Level | Senior, Expert or higher |
Requirements
- 8+ years of experience with cybersecurity
- 4+ years of experience with conducting threat research focused on nation-state, criminal, or malicious Cyber activities
- Experience with translating complex technical cyber events into a narrative format for technical and executive audiences
- Experience with the technical capabilities and limitations of the internet and online technologies, including collaborative internet tools, such as social networking sites, blogs and microblogs, and internet mapping tools
- Experience with computer network protocols and operations
- Knowledge of Cyber intrusion vectors, malware, networking, and monitoring
- Knowledge of threat intelligence tradecraft, including structured analytic, contrarian, and imaginative analytic techniques
- Ability to write concise analytical products and assessments
- Top Secret clearance
- Bachelor’s degree
Responsibilities
- Work as a member of a threat intelligence team responsible for understanding how emerging cyber threats impact the client organization while conducting highly detail-oriented security threat analysis and working with clients to validate and characterize threats
- Support incident detection, response operations, and signature development and provide input on new detection strategies and remediation guidance
- Form accurate and precise analysis and escalate it to appropriate teammates or internal teams for additional assistance or review
- Provide intelligence context to support the fine-tuning of signatures
Preferred Qualifications
- Experience with Splunk
- Experience with Sentinel
- Experience with the intelligence community (IC) or national security-related areas
- Experience with open source and threat intelligence platforms, including Mandiant, CrowdStrike, VirusTotal, Shodan, and DomainTools
- Experience with using industry-standard digital forensics tools and procedures
- Experience with computer programming languages, including PHP, Python, SQL, C++, Perl, or Java
- Experience with SIEM and Endpoint tools, including Splunk, Defender, QRadar, and ArcSight
- Experience with penetration testing
- CEH and Security+ or CSA+ Certification
- GIAC Cyber Threat Intelligence (GCTI) Certification