Purple Team Threat Researcher

Booz Allen

Jul 29

Key Role:

Build a world-class tool that helps improve our clients' security postures. Analyze the client's needs and environment so that the solution you develop accounts for the current architecture and operating environment as well as future functionality and enhancements. Build systems that change the security landscape for the better. This position is open to remote delivery from any location in the U.S., including the District of Columbia. Due to the nature of the work performed within this facility, U.S. citizenship is required.

Basic Qualifications:

  • Experience with working in a Security Operations Center (SOC) environment
  • Experience working with EDR platforms such as CrowdStrike or Carbon Black, and with Microsoft security tooling such as Azure Sentinel
  • Experience working with SIEMs, including Splunk or ELK
  • Experience with offensive security tools, including BloodHound, Cobalt Strike, or other tooling shipped with Kali Linux
  • Knowledge of how to replicate sophisticated threats or threat actor behaviors
  • Ability to create and tune high-quality behavioral detection analytics, both in the vendor-agnostic Sigma rule format and in each product's native query language
  • HS diploma or GED

Additional Qualifications:

  • Experience with creating short, technical blog posts and webinars
  • Experience with reverse engineering tools, such as IDA Pro, Ghidra, or Binary Ninja
  • BA or BS degree
  • OSCP or GPEN certification

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.