Incident Response Threat Hunter
Booz Allen Hamilton Inc., Cambridge
Incident Response Threat Hunter
Salary not available. View on company website.
Booz Allen Hamilton Inc., Cambridge
- Full time
- Permanent
- Onsite working
Posted today, 26 Dec | Get your application in now to be one of the first to apply.
Closing date: Closing date not specified
job Ref: 418824e277d4407e93967469c0bb7cd2
Full Job Description
Incident Response Threat Hunter The Opportunity: Are you looking for threat hunter role in detecting cyber threats in support of active forensic investigations. Cyber threats are evolving, when perimeter security and automated protection aren't enough networks are compromised, information is accessed, data is exfiltrated, backups are wiped and ransomware is deployed locking up an entire organisation. Are you looking to join our threat detection and response team in performing active threat hunting to assist organisations recover from cyber incidents. We're looking for CND/CNO specialists who can think like a cyber attacker to figure out how security measures were circumvented by threat actors. This is an opportunity to use your analytical skills and gain endpoint detection and response experience to identify indicators of compromise. You will work in concert with incident response analysts actively engaged in forensic investigations. Join us. The world can't wait.
- Experience with EDR platforms, including Carbon Black, SentinelOne, CrowdStrike, Defender for Endpoint
- Experience with conventional network- and host-based intrusion analysis, digital forensics, or handling malware
- Experience with hunt teams, cyber threat intelligence, incident response, or security operations teams
- Knowledge of security principles, including MITRE ATT@CK framework, threat landscapes, or attacker TTPs
- Knowledge of Microsoft Windows, UNIX, and Mac
- Knowledge on Security Tools in Application, Data, Networks, and Endpoint layers
- Ability to leverage internal and external resources for research threats, vulnerabilities, and intelligence on various attackers and attack infrastructure
- Ability to identify anomalous behavior on endpoint devices or network communications
- HS diploma or GED Nice If You Have:
- Experience with digital forensics on host or network from a malware perspective
- Knowledge of network communications, routing protocols, regulatory standards and compliance requirements, and common internet applications and standards
- Knowledge on native system and network policies
- Ability to identify anomalous behavior on network or endpoint devices
- GIAC Reverse Engineering Malware (GREM), GIAC Certified Forensic Analyst (GCFA), GIAC Network Forensics Analyst (GNFA), Offensive Security, including OSCP and OSCE, or a related Certification