Threat Detection and Response Senior Manager
| Company | Booz Allen |
|---|---|
| Location | Fayetteville, NC, USA, Boston, MA, USA, Seattle, WA, USA, Orlando, FL, USA, Washington, DC, USA, Tampa, FL, USA, Miami, FL, USA, McLean, VA, USA, San Antonio, TX, USA, St. Louis, MO, USA, Norfolk, VA, USA, O’Fallon, IL, USA, New York, NY, USA, Charleston, SC, USA, Charlottesville, VA, USA, Newport News, VA, USA, El Segundo, CA, USA |
| Salary | $142900 – $266000 |
| Type | Full-Time |
| Degrees | Bachelor’s, Master’s |
| Experience Level | Senior |
Requirements
- 6+ years of experience with incident response and managing threat hunting teams in support of forensic investigations
- 6+ years of experience with EDR platforms such as SentinelOne, Defender for Endpoint, CrowdStrike, Cortex XDR, or Carbon Black
- Experience in conventional network or host-based intrusion analysis, digital forensics, or handling malware
- Knowledge of security principles such as MITRE ATT@CK framework, threat landscapes, and attacker TTPs
- Knowledge of the Microsoft Windows, Linux or Unix, and Mac operating systems
- Knowledge of Security Tools in Application, Data, Networks and Endpoint layers
- Ability to communicate effectively with executive-level contacts and with client C-Suite during investigations
- Ability to mentor team leads on business processes and technical support for team of threat hunters
- Bachelor’s degree in Computer Science, Security, or Digital Forensics
- Certified Information Systems Security Professional (CISSP), GIAC Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA), GIAC Continuous Monitoring Certification (GMON), or GIAC Enterprise Incident Responder (GEIR) Certification
Responsibilities
- Provide senior leadership to the Threat Detection and Response (TDR) threat hunt team in support of the Digital Forensics Incident Response practice
- Utilize specific functional and general industry knowledge
- Mentor TDR team leads, in addition to providing support with case assignment, budget or utilization tracking, and oversight of internal projects
- Ensure quality management of work performed and deliverables to internal and external clients
Preferred Qualifications
- Experience with digital forensics on host or network from malware perspective
- Knowledge of network communications, routing protocols, regulatory standards, compliance requirements, and common internet applications or standards
- Knowledge of native system and network policies
- Ability to identify anomalous behavior on network or endpoint devices
- Master’s degree
- GIAC Reverse Engineering Malware (GREM), GIAC Certified Forensic Analyst (GCFA), GIAC Network Forensics Analyst (GNFA), Offensive Security Certified Professional (OSCP), Offensive Security Certified Expert (OSCE), or other relevant Certification