Cybersecurity Incident Handler

Booz Allen Hamilton

Location:
United States, San Antonio

Contract Type:
Not provided

Salary:

69400.00 - 158000.00 USD / Year

Job Description:

As a security operations center analyst, you’re in the middle of the action, responding to and mitigating threats in real time. You’re the first line of cyber defense for your organization, and they look to you for guidance on best practices and security measures. We need a SOC analyst like you to help us secure critical infrastructure from the constant onslaught of cyber-attacks.

Job Responsibility:

  • Monitor and analyze threats using state-of-the-art tools
  • Work with the team to understand, mitigate, and respond to threats quickly, restoring operations and limiting the impact
  • Analyze incidents to figure out just how many systems are affected and assist recovery efforts
  • Combine threat intelligence, event data, and assessments from recent events, and identify patterns to understand attackers’ goals to stop them from succeeding

Requirements:

  • Experience in cybersecurity
  • Experience in a security operations center, including incident response activities such as analysis of artifacts, writing incident reports, and triaging of security events
  • Knowledge of cyber threat intelligence, digital forensics, red teaming, threat hunt, cloud incident response, counterintelligence, and detection engineering
  • Knowledge of cybersecurity standards and the implementation of industry best practices
  • Knowledge of external standards, including ISO 22301, ISO 22317, and NIST guidelines such as NIST 800-53 or NIST 800-61
  • Ability to work a rotating shift schedule supporting a 24/7 environment
  • TS/SCI clearance
  • HS diploma or GED
  • DoD 8140 Baseline Level II Certification

Nice to have:

  • Experience using Microsoft Office products
  • Experience with cyber technologies and capabilities, including continuous monitoring, incident response, advanced threat hunt, secure cloud and mobile capabilities, ongoing assessment, and digital forensics
  • Experience with Cloud and DevSecOps
  • Experience with cloud native technologies across Cloud Service Providers such as AWS Guard Duty, Azure Defender for Cloud, AWS Macie, or Google Security Command Center
  • Experience with cybersecurity tools and solutions such as Microsoft Defender for Endpoint, Corelight, Suricata or Snort, Palo Alto and Cisco firewalls, Archer Case Management, ServiceNow, ThreatConnect, Splunk Enterprise Security, Splunk SOAR, Cofense, IronPort Mail Gateways, or the Microsoft G5 Defender suite
  • Experience supporting information assurance, networking, or systems administration

What we offer:

  • Health, life, disability, financial, and retirement benefits
  • Paid leave
  • Professional development
  • Tuition assistance
  • Work-life programs
  • Dependent care
  • Recognition awards program

Additional Information:

Job Posted:
January 04, 2026

Work Type:
On-site work