Booz Allen HamiltonRemote
Security Automated Response Engineer
United States of America
Full Time
3 days ago
$87,000 - $198,000 USD
No H1B
Key skills
PythonAIArtificial IntelligenceKubernetesDockerPodmanSplunkGitVersion ControlZero Trust
About this role
Booz Allen Hamilton is a leading consulting firm, and they are seeking a Security Automated Response Engineer. This role involves developing Threat Defense Solutions with a focus on detection and automation, while collaborating with teams to create secure and effective solutions that meet client needs.
Responsibilities:
- Display a strong background in security operations, threat detection, and security engineering
- Be responsible for key contributions in developing Threat Defense Solutions, focusing on detection, automation, and development of artificial intelligence (AI) capabilities, which enable the client to achieve measurable growth and maturity
- Work with in-house teams to identify the right mix of tools, techniques, and procedures to translate your customers’ needs and future goals into a plan that will enable secure and effective solutions
- Take a critical approach to solution design, identifying gaps, providing alternatives, and customizing solutions to maintain a balance of security and business needs
- Create technical solutions to identify security threats, enhance detection capabilities, and drive improvement in response efforts
Requirements:
- 2+ years of experience building out security automation capabilities based on analyst requirements
- Experience with playbook development using Security Orchestration and Automated Response (SOAR) platforms such as Tines, Palo Alto XSOAR, Splunk Phantom, or Swimlane
- Experience with threat intelligence solutions such as ThreatQ, OpenCTI, or Analyst1
- Experience with programming using Python
- Experience with integrating solutions via APIs and creating custom apps or integrations
- Secret clearance
- HS diploma or GED
- Experience with Linux administration
- Experience with containerization technology such as Docker, Kubernetes, or Podman
- Experience with leveraging version control systems such as Git
- Experience with log management platforms such as the Elastic Stack or Splunk
- Experience supporting Defensive Cyber Operations
- Experience with integrating with AI systems
- Experience in DoW, Intelligence Community, or other regulated environments
- Knowledge of AI gateway security
- Knowledge of HTML, JS, CSS
- Knowledge of Zero Trust Architecture (ZTA) principles