Back to all jobs

Cyber Defense Analyst, Senior

Booz Allen

Nov 25

Cyber Defense Analyst, Senior

The Challenge:

Are you ready to take a strategic role in cyber defense? Do you want to use your experience based knowledge to protect critical infrastructure from the constant onslaught of cyber attacks? If you want a position that uses your extensive threat analysis skills to perform advanced threat identification and complex incident response, you want to be a Tier 3 Security Operations Center (SOC analyst.

As an analyst on our SOC team, you’ll analyze logs, forensic data, and threat intelligence to find the advanced threats that are escaping detection. Using your deep understanding of your customer’s networks, combined with your cyber security experience, you’ll analyze patterns to understand attackers’ goals and stop them from succeeding. Once you find the adversary in the SEIM’s blind spot, you’ll advise the client on ways to close the gaps and harden their network. Let’s outsmart malicious actors and protect critical mission infrastructure. This position is open to remote delivery anywhere within the U.S., to include the District of Columbia.

Empower change with us.

You Have:

  • 6+ years experience in Network or data analysis, packet capture analysis, malware detection, custom intrusion signature development, or advanced information assurance

  • Experience with system administration, network, and operating system hardening techniques

  • Knowledge of front-end collection systems, including traffic collection, filtering, and selection

  • Knowledge of cyber defense and information security policies, procedures, and regulations

  • Knowledge of cyber attackers including script kiddies, non-nation state sponsored, and nation sponsored

  • Knowledge of various types of network communication including, LAN, WAN, MAN, WLAN and WWAN

  • Knowledge of file extensions, including dll, .bat, .zip, .pcap and .gzip

  • Ability to interpret the information collected by network tools including, Nslookup, Ping, and Traceroute

  • Active TS/SCI clearance

  • Bachelor's degree

Nice If You Have:

  • Experience in detecting host and network based intrusions via intrusion detection technologies, including Snort

  • Experience with using protocol analyzers and collecting data from a variety of cyber defense resources

  • Experience reading and interpreting signatures, including Snort

  • Experience with assessing security controls based on cybersecurity principles and tenets, including CIS CSC or NIST SP 800-53, or Cybersecurity Framework

  • Experience evaluating the adequacy of security designs

  • Knowledge of using incident handling methodologies

  • Ability to analyze malware and conduct vulnerability scans and recognize vulnerabilities in security systems

  • Ability to apply techniques for detecting host and network-based intrusions using intrusion detection technologies

  • CISSP, CISA, CISM, CASP Certification


Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; TS/SCI clearance is required.


The proposed salary range for this position in Colorado is 95,000 to 109,000. Final salary will be determined based on various factors.

At Booz Allen, we celebrate your contributions, provide you with opportunities and choice, and support your total well-being. Our comprehensive benefit offerings include healthcare, retirement plan, insurance programs, commuter program, employee assistance program, paid and unpaid leave programs, education assistance, and childcare benefits.

Build Your Career:

Rewarding work, fun challenges, and a ton of investment in our people—that’s Booz Allen cyber. When you join Booz Allen, we’ll help you develop the career you want.

  • Competitions — From programming competitions at our PyNights (Python competition and learning events) to competing in CTFs, we’ve got plenty of chances for you to show off your skills.

  • Paid Research — Have an innovative idea to explore or hypothesis to test? You can participate in challenges via our crowdsourcing platform, the Garage, and other programs to be awarded dedicated time and/or funding to advance your skills.

  • Cyber University — CyberU has more than 5000 instructor-led and self-paced cyber courses, a free online library that you can access from just about anywhere—including your phone—and certification exam prep guides that include practical assessments to prepare you for your exam.

  • Academic Partnerships — In addition to our tuition reimbursement benefit, we’ve partnered with University of Maryland University College to offer two graduate certificate programs in cybersecurity—fully funded without a tuition cap.

  • Maker/Hackerspaces — Race drones, print 3D gadgets, drink coffee from our Wi-Fi coffee maker, and get hands-on training on tools and tech from in-house experts in our dedicated maker and hackerspaces.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.