Booz Allen Hamilton

Cybersecurity Incident Handler Job at Booz Allen Hamilton in San Antonio

Booz Allen Hamilton, San Antonio, TX, United States, 78208

Job Number: R0230489

Job Title: Cybersecurity Incident Handler

The Opportunity

As a security operations center analyst, you’re in the middle of the action, responding to and mitigating threats in real time. You’re the first line of cyber defense for your organization, guiding best practices and security measures. We need a Tier 1 SOC analyst to help secure critical infrastructure from the constant onslaught of cyber‑attacks for the mission partner.

Responsibilities

  • Monitor, detect, and analyze threats by interacting directly with affected users and state‑of‑the‑art tools.
  • Collect data to support incident response in understanding and mitigating threats.
  • Analyze alerts to determine affected systems and initiate recovery efforts.
  • Contribute to assessments and analyze patterns to understand attackers’ goals and stop them from succeeding.
  • Work with a team to secure vital Air Force networks from malicious actors.

Required Qualifications

  • Experience with a SOC actively engaged with incident response activities, including analysis of artifacts, writing incident reports, and triaging incidents.
  • Experience with cyber threat intelligence, digital forensics, red teaming, threat hunting, cloud incident response, counterintelligence, or detection engineering.
  • Knowledge of cybersecurity standards and implementation of industry best practices.
  • Knowledge of external standards, including ISO 22301, ISO 22317, and NIST guidelines such as NIST 800‑53 or NIST 800‑61.
  • Ability to work a rotating shift schedule supporting a 24/7 environment.
  • TS/SCI clearance.
  • Bachelor’s degree or GED.
  • DoD 8140 baseline Level II Certification.

Nice If You Have

  • Experience with advanced Microsoft Office products.
  • Experience with continuous monitoring, incident response, advanced threat hunting, secure cloud and mobile capabilities, ongoing assessment, digital forensics, and threat hunting.
  • Experience with Cloud and DevSecOps.
  • Experience with cybersecurity tools such as Microsoft Defender for Endpoint, Corelight, Suricata or Snort, Palo Alto and Cisco firewalls, Archer Case Management, ServiceNow, Threat Connect, Splunk Enterprise Security, Splunk SOAR, Cofense, IronPort Gateways, or Microsoft G5 Defender suite.
  • Excellent verbal and written communication skills.
  • Excellent time management and analytical skills.

Clearance

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; TS/SCI clearance is required.

Compensation

Salary is determined by location, education, skills, and experience. The projected range for this position is $69,400.00 to $158,000.00 (annualized USD). The posting will close within 90 days from the Posting Date.

Identity Statement

As part of the application process, you are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud.

Work Model

  • If the position is listed as remote or hybrid, you’ll periodically work from a Booz Allen or client site facility.
  • If listed as onsite, you’ll work with colleagues and clients in person as needed.

Commitment to Non-Discrimination

All qualified applicants will receive consideration for employment without regard to disability, veteran status, or any other protected status.
