Incident Response Analyst


Booz Allen Hamilton
Full Time Cambridgeshire 10.56 - 12.04 GBP Today
Job description

Key Role:

The incident response analyst is an intermediate role directly contributing to efforts in digital forensic and incident response engagements. Commonly operating in an environment in which there is an actual or suspected compromise, the candidate is required to have strong knowledge of a variety of sources of digital evidence to determine lateral movement, root cause, data staging, access and exfiltration stemming from threat actor activity across a variety of operating systems. Display professional and expert knowledge of incident response processes, tools, and techniques and be able to rapidly apply such knowledge to determine the extent and timeline of compromise associated with malicious activity. Handle a high volume of digital forensic investigations with little oversight during the investigation and make significant contributions to any forensic analysis efforts involving the larger team.

Basic Qualifications:

  • Experience responding to a variety of incident types, notably ransomware investigations

  • Experience using a variety of scripted forensic toolsets including PowerShell and Python

  • Experience in log analysis of multiple types to include firewall, IIS, and event logs

  • Knowledge of incident management and response activities across the incident life cycle

  • Knowledge of security tools and techniques used by Cybersecurity teams

  • Knowledge of Windows, Linux and Mac operating systems

  • Ability to work outside of the course of normal business hours, including contribution to a rotational weekend on-call schedule

  • Ability to adapt communication style and messaging for professionals at all levels

  • Ability to travel up to 20% of the time to support client needs

  • Bachelor's degree and 2+ years of experience in cyber security, digital forensics, or incident response, or 4+ years of experience in cyber security, digital forensics, or incident response in lieu of a degree

Additional Qualifications:

  • Experience with performing host and network forensics analysis, including using timestamps across different log types to develop authoritative timelines of activity to find evidence of malicious activity

  • Experience with performing anomaly or malware hunts using a common framework and standard methodology, including the MITRE ATT&CK framework

  • Experience with conducting digital memory acquisition using Volatility, Rekall, or similar tools and extracting malicious binaries for analysis

  • Experience with common scripting languages, including Perl or Python in the context of incident response and security operations

  • Knowledge of Elasticsearch and data visualization tools and methodologies

  • Knowledge of conducting investigations in AWS, Azure, and Google Cloud

  • Knowledge of security-related technologies, including IDS/IPS, SIEM, firewalls, Log Management, HIDS/NIDS, proxies, Endpoint Detection and Response, and other enterprise level appliances

  • Ability to be self-driven, work independently, and handle multiple tasks concurrently

  • Possession of excellent verbal and written communication skills

  • GIAC Certified Incident Analyst (GCIA), Certified Computer Security Incident Handler (CSIH), GIAC Network Forensic Analyst (GNFA), GIAC Certified Forensic Analyst (GCFA), CREST Certified Incident Manager, or CREST Certified-Network Intrusion Analyst Certification

EEO Commitment

We’re an equal employment opportunity/affirmative action employer that empowers our people to fearlessly drive change – no matter their race, color, ethnicity, religion, sex (including pregnancy, childbirth, lactation, or related medical conditions), national origin, ancestry, age, marital status, sexual orientation, gender identity and expression, disability, veteran status, military or uniformed service member status, genetic information, or any other status protected by applicable federal, state, local, or international law.


www.boozallen.com
McLean, United States
Horacio D. Rozanski
$5 to $10 billion (USD)
10000+ Employees
Company - Public
Business Consulting
1914