Back to all jobs

Cyber Defense Incident Responder, Mid

Booz Allen

Nov 24

Cyber Defense Incident Responder, Mid

The Challenge:

Are you ready to take an active role in cyber defense? Are you looking for an opportunity to protect critical infrastructure from the constant onslaught of cyber attacks? If you want to sharpen your skills by analyzing threats real-time, you want to be a Tier 2 SOC analyst.

As an analyst on our SOC team, you’ll monitor and analyze threats, using state-of-the-art tools. You’ll work with the team to understand, mitigate, and respond to threats quickly, restoring operations and limiting the impact. You’ll analyze incidents to figure out just how many systems are affected and assist recovery efforts. You’ll combine threat intelligence, event data, and assessments from recent events, and identify patterns to understand attackers’ goals to stop them from succeeding. This is a great opportunity to build your cyber security skills with hands on experience in threat assessment and incident response. Join us as we protect critical infrastructure from malicious actors. This position is open to remote delivery anywhere within the U.S., to include the District of Columbia.

Empower change with us.

You Have:

  • 4+ years of experience in Malware analysis, digital forensics, data and network analysis, information assurance, or incident handling

  • Knowledge of cyber attackers, including script kiddies, non-nation state sponsored, or nation sponsored

  • Knowledge of cyber attack stages, including reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, or covering tracks

  • Knowledge of the common networking and routing protocols, including TCP/IP services, web, mail, DNS, and how they interact to provide network communications

  • Knowledge of Application Security Risks, including OWASP Top 10

  • Knowledge of incident response and handling methodologies

  • Ability to apply techniques for detecting host and network-based intrusions using intrusion detection technologies

  • Ability to design incident response for cloud service models

  • Secret clearance

  • Bachelor’s degree

Nice If You Have:

  • Experience with identifying, capturing, containing, and reporting malware

  • Experience with securing network communications

  • Knowledge of recognizing and categorizing types of vulnerabilities and associated attacks

  • Knowledge of using security event correlation tools and designing incident response for cloud service models

  • Ability to protect a network against malware, including NIPS, anti-malware, and restrict and prevent external devices or spam filters

  • Security+, CISM, CISSP, or CISA Certification


Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Secret clearance is required.


The proposed salary range for this position in Colorado is 75,000 to 81,000. Final salary will be determined based on various factors.

At Booz Allen, we celebrate your contributions, provide you with opportunities and choice, and support your total well-being. Our comprehensive benefit offerings include healthcare, retirement plan, insurance programs, commuter program, employee assistance program, paid and unpaid leave programs, education assistance, and childcare benefits.

Build Your Career:

Rewarding work, fun challenges, and a ton of investment in our people—that’s Booz Allen cyber. When you join Booz Allen, we’ll help you develop the career you want.

  • Competitions — From programming competitions at our PyNights (Python competition and learning events) to competing in CTFs, we’ve got plenty of chances for you to show off your skills.

  • Paid Research — Have an innovative idea to explore or hypothesis to test? You can participate in challenges via our crowdsourcing platform, the Garage, and other programs to be awarded dedicated time and/or funding to advance your skills.

  • Cyber University — CyberU has more than 5000 instructor-led and self-paced cyber courses, a free online library that you can access from just about anywhere—including your phone—and certification exam prep guides that include practical assessments to prepare you for your exam.

  • Academic Partnerships — In addition to our tuition reimbursement benefit, we’ve partnered with University of Maryland University College to offer two graduate certificate programs in cybersecurity—fully funded without a tuition cap.

  • Maker/Hackerspaces — Race drones, print 3D gadgets, drink coffee from our Wi-Fi coffee maker, and get hands-on training on tools and tech from in-house experts in our dedicated maker and hackerspaces.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.