Cyber Intelligence Automation Specialist
BOOZ, ALLEN & HAMILTON, INC.
About the role
The Opportunity
In today's world of rapidly advancing technology, including IoT, machine learning, and artificial intelligence, there is an unprecedented amount of structured and unstructured data available. As a Cyber Intelligence Automation Specialist, your expertise in organizing data will be instrumental in uncovering pivotal insights from various sources. We are looking for an experienced data professional to assist our clients in deriving meaningful answers from their data for impactful missions, including fraud detection, cancer research, and national security.
In this role, you will leverage your skills to build cutting-edge technology solutions and lead data engineering initiatives on some of the industry's most mission-critical projects. You will oversee the development and implementation of data pipelines and platforms, ensuring that disparate data is transformed into valuable insights.
You will mentor a diverse team of analysts, data engineers, developers, and data consumers in a dynamic, agile environment. Your expertise in analytical exploration and data evaluation will guide the assessment, design, building, and maintenance of scalable platforms for our clients.
You Have
- 5+ years of experience in defensive cyber operations, cybersecurity engineering, or security platform architecture
- 3+ years of experience designing security data pipelines, focusing on collection, normalization, enrichment, and routing
- 2+ years of experience with SIEM platforms such as Splunk ES, Elastic Security, Sentinel, or Chronicle
- 2+ years of experience with SOAR platforms such as Swimlane, XSOAR, or Phantom
- Familiarity with cyber threat intelligence platforms, including STIX or TAXII and commercial or open-source data feeds
- Experience developing detection engineering pipelines, threat hunting workflows, and automated response capabilities
- Experience with EDR, NDR, or full-packet capture tools such as CrowdStrike, Corelight, or Trellix, and deploying solutions across cloud, on-prem, and disconnected environments such as Kubernetes and OpenShift
- Understanding of Zero Trust DoD IC frameworks and federal compliance
- TS/SCI clearance
- High School diploma or GED
Nice If You Have
- Experience with stream processing or data brokering platforms such as Cribl, Kafka, Logstash, Fluentd, or equivalent
- Experience with threat detection or anomaly-based behavioral analysis
- Experience with DevSecOps CI/CD pipelines in IL5, IL6, or IL7 environments
- Proficiency in Python or other scripting languages for security automation
Clearance
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; TS/SCI clearance is required.
Compensation
At Booz Allen, we recognize your contributions and offer a range of benefits to support your well-being and professional growth. Our offerings include health, life, disability, financial, and retirement benefits, along with paid leave, professional development opportunities, tuition assistance, work-life balance programs, and dependent care. We have a recognition awards program to celebrate exceptional performance and alignment with our values.
The salary range for this position is $86,800.00 to $198,000.00 annually, depending on various factors such as location, education, skills, and experience. Please note that the posting will close within 90 days from the posting date.
Identity Statement
As part of our hiring process, an identity verification process using advanced biometrics and artificial intelligence will be implemented to prevent identity fraud. Candidates are expected to be on camera during interviews and assessments.
Candidate AI Usage Policy
At Booz Allen, we are committed to ethical AI use while ensuring a fair candidate process. The use of AI or tools to assist during interviews is prohibited unless explicitly allowed.
Work Model
- Remote: This position may require occasional in-person work at a Booz Allen or customer facility.
- Hybrid: If hybrid, you will be expected to work from a Booz Allen facility regularly, based on leadership expectations and role requirements.
- Onsite: This position will primarily be performed at a Booz Allen office or customer facility, with a focus on collaborative work.
Commitment to Non-Discrimination
We consider all qualified applicants for employment without regard to disability, status as a protected veteran, or any other status protected by applicable law.