Cybersecurity Operations Center Analyst - Booz Allen Hamilton

Key Responsibilities

• Monitor security alerts across SIEM and other detection tools, triaging incidents according to severity.
• Conduct real‑time analysis of network traffic, logs, and endpoint data to identify malicious activity.
• Perform incident response actions, including containment, eradication, and post‑mortem reporting.
• Develop and refine threat‑hunting queries and playbooks to improve detection coverage.
• Collaborate with engineering and threat‑intel teams to implement mitigations and improve overall security posture.

Requirements

• 2+ years of experience in a security operations center or similar environment.
• Proficiency with SIEM platforms (e.g., Splunk, QRadar, ArcSight) and log analysis.
• Strong knowledge of network protocols, firewalls, IDS/IPS, and endpoint security.
• Hands‑on scripting ability in Python or comparable language for automation and data parsing.
• Understanding of incident response frameworks and threat‑hunting methodologies.