Key Role:
Design, implement, integrate, and maintain systems and tools to automate complex cyber activities. Apply advanced consulting skills, extensive technical expertise, and full industry knowledge. Consult on and lead vulnerability identification, new threat exposures, and emerging security technologies. Work with in-house teams to identify the right mix of tools, techniques, and procedures to translate your customer’s needs and future goals into a plan that will enable secure and effective solutions. Take a critical approach to solution design, identifying gaps, providing alternatives, and customizing solutions to maintain a balance of security and business needs. This position is open to remote delivery anywhere within the U.S., to include the District of Columbia.
Basic Qualifications:
3+ years of experience with tool integrations, including REST APIs and SOAP APIs
1+ years of experience with Splunk Phantom, including writing playbooks, troubleshooting, training, or supporting technical requests
Experience with FireEye, BigFix, Tanium, ForeScout, ZScaler, Palo Alto, McAfee, Carbon Black, CrowdStrike, Splunk, or ServiceNow
Experience in Security Operations, SOC, SIEM, Incident Response, and Threat Intelligence
Experience with Cyber Security technologies, protocols, and applications
Experience in Linux administration
Ability to provide knowledge transfer and training to clients and co-workers
Ability to obtain a security clearance
Bachelor's degree
Additional Qualifications:
3+ years of experience with programming languages, including Python
2+ years of experience with Splunk Phantom, including writing playbooks, troubleshooting, training, or supporting technical requests
Experience with Cybersecurity technologies, protocols, and applications, including EDR, SIEM, Firewalls, AV, and IDS/IPS
Experience in log management platforms, including Splunk, Elasticsearch, Logstash, Kibana, ELK and Elastic Stack
Experience in Networks and Network Protocols, including TCP, UDP, DNS, HTTP, HTTPS, SSH, and FTP
Ability to produce new playbooks and automate manual security operations procedures per the backlog and the requirements of security operations teams as new security tools and controls emerge in the marketplace
Ability to help manage an inventory of integrations that enable broader playbook creation
Ability to work on developing connectors with tools to effectively enable end-to-end automation of security operations procedures
Security+, CEH, and CISSP Certification
Clearance:
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information.
Compensation:
The proposed salary range for this position in Colorado is 125,000 to 150,000. Final salary will be determined based on various factors.
At Booz Allen, we celebrate your contributions, provide you with opportunities and choice, and support your total well-being. Our comprehensive benefit offerings include healthcare, retirement plan, insurance programs, commuter program, employee assistance program, paid and unpaid leave programs, education assistance, and childcare benefits.
We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.