Senior Security Operations Analyst

Security Operations | Full Time | Remote | Senior | Team 1,001-5,000 | Since 2021 | H1B Sponsor

Location

Canada

Posted

11 days ago

Seniority

Senior

Job Description

Senior Security Operations Analyst

Newfold Digital

  • The Security Operations Analyst is responsible for the day-to-day monitoring, analysis, and investigation of security threats across enterprise systems and networks.
  • The role triages and responds to security alerts and incidents, working both independently and in collaboration with senior analysts on known or suspected threats.
  • The analyst supports incident response, threat intelligence, and forensic analysis activities in alignment with established security best practices and control frameworks. This includes identifying anomalies, escalating issues as appropriate, and contributing to the improvement of detection and response processes.
  • Security Operations Analysts may work shifts and participate in on-call rotations to support global operations and ensure continuous security monitoring coverage.
  • Develop and deliver security reports and metrics to support operational awareness and leadership decision-making.
  • Identify and support mitigation of information security risks, including evaluating projects and initiatives for alignment with security requirements, policies, and standards.
  • Support internal and external audits by collecting and analyzing evidence, assessing control effectiveness, and ensuring adherence to established security frameworks and policies.
  • Track and manage remediation activities, including corrective action plans and audit findings, ensuring timely resolution of identified security issues.
  • Identify, investigate, and respond to security incidents, including analyzing root cause and impact to contain threats and reduce organizational risk.
  • Maintain and support security tools, controls, and monitoring capabilities to ensure effective detection and response.
  • Develop, implement, and continuously improve threat-informed detections and automated response playbooks, including use case development, rule creation, tuning, validation, and optimization through incident feedback and testing.
  • Monitor systems and security telemetry for violations, vulnerabilities, and anomalous activity.
  • Analyze and apply threat intelligence to enhance detection, response, and situational awareness.
  • Identify and support onboarding and validation of security telemetry to ensure effective detection and visibility.
  • Collaborate with cross-functional teams to support incident response, remediation, and security improvements.
  • Assist in the evaluation and selection of security technologies and solutions to support detection, monitoring, and response capabilities.

Job Requirements

  • A degree in Cybersecurity, Information Technology, Computer Science, or related field is desirable.
  • Industry-recognized certifications are a plus and may include: CompTIA Security+ or CySA+, Microsoft SC-200, GIAC Security Essentials (GSEC), GIAC Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA), GIAC Cyber Threat Intelligence (GCTI), GIAC Security Operations Certified (GSOC), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), and relevant cloud or security vendor certifications (e.g., SIEM, SOAR, endpoint, or cloud security platforms).
  • Working knowledge of security controls including access control, authentication, encryption, system integrity, and logging as applied to security monitoring and detection.
  • Experience with security operations including monitoring, incident response, and incident management procedures, with the ability to investigate, escalate, and respond to security events.
  • Ability to develop, modify, and maintain threat detection rules within SIEM platforms, including tuning alerts and improving detection fidelity.
  • Understanding of security telemetry, including log collection and ingestion (e.g., syslog, Windows Event Forwarding, ELK), normalization, and data quality considerations to support effective detection and visibility.
  • Strong knowledge of operating systems (Windows, Linux, macOS), identity systems (e.g., Active Directory), and network fundamentals (TCP/IP, DNS) as they relate to security monitoring and investigation.
  • Experience with endpoint, network, and host-based security tools, including EDR, IDS/IPS, firewalls, vulnerability scanners, and host-based intrusion detection/prevention systems (HIDS/HIPS).
  • Ability to analyze and correlate data across multiple security and telemetry sources to identify patterns, anomalies, vulnerabilities, and potential security threats.
  • Experience applying security frameworks such as MITRE ATT&CK to map adversary behaviors and support detection and response development.
  • Experience with malware analysis, network forensics, and digital forensics concepts and tools; reverse engineering skills are a plus.
  • Ability to assess security threats and implement timely mitigations under pressure.
  • Experience using scripting languages such as Python, PowerShell, or equivalent to support automation, analysis, and response activities.
  • Strong collaboration and communication skills with the ability to build effective relationships across technical and non-technical teams.
  • Experience with security platforms and tools including SIEM, SOAR, EDR, vulnerability management, and threat intelligence tools (e.g., Google SecOps/Chronicle, Microsoft Defender for Endpoint, SentinelOne Singularity, Tanium Threat Response, Recorded Future).
  • Experience with cloud security monitoring and native security services across AWS, Azure, Google Cloud, or OCI is a plus.
  • Familiarity with security-focused frameworks, methodologies, and best practices for detection, response, and vulnerability management is a plus.
  • Ability to analyze and apply threat intelligence to support detection, investigation, and response activities.
  • Experience developing or working with automated response workflows and playbooks (SOAR).

Benefits

  • Flexible work arrangements
  • Professional development

More Security Operations Jobs

Contract | Remote | Team 51-200 | Since 1995 | H1B No Sponsor

  • Building a mock-up environment on the NATO Software Factory to replicate the functionalities that exist in the operational version of COMS today.
  • Capturing the requirements and demonstrating to industry the functionalities of the current capabilities by demonstrating on the mock-up environment.
  • Identify and capture the functional and non-functional requirements of what COMS is able to deliver today into a NATO AQAP conforming format.
  • Create a recorded video introducing what COMS is today, and going through the different requirements captured in D2.
  • Present a live demo of the COMS mock-up environment as part of an industry engagement day organized by NCIA.

Netherlands

Senior Security Operations Engineer, Detection and Response

Fortis Games

Games where you belong. Come build with us. Visit www.fortisgames.com to learn more.

Full Time | Remote | Team 201-500 | H1B No Sponsor

  • Design, implement, test, and tune detections across endpoint, identity, cloud, SaaS, network, and application telemetry.
  • Build detection-as-code practices using version control, testing, peer review, documentation, and repeatable deployment methods.
  • Improve SIEM and security telemetry pipelines, including log ingestion, parsing, enrichment, correlation logic, alert routing, and case management workflows.
  • Design and operate practical deception capabilities such as canary tokens, decoy accounts, honey assets, and other high-signal tripwires.
  • Lead and support incident response investigations: perform severity triage, coordinate containment and remediation, and produce clear post-incident findings.
  • Work closely with IT, infrastructure, engineering, and game development teams to improve security visibility and response readiness across the environment.
  • Support selected GRC activities including audit evidence collection, technical control documentation, third-party risk input, and policy or SOP documentation (approximately 20% of time).

United Kingdom

Director of Security Operations

Wave Mobile Money

Wave is building a cashless Africa in Senegal, Cote d'Ivoire, Uganda, Burkina Faso, Gambia & Mali. Find us @www.wave.com

Full Time | Remote | Team 501-1,000 | Since 2017 | H1B Sponsor

  • Lead security operations across 9+ markets including Mali, Burkina Faso, Niger, and the Democratic Republic of Congo.
  • Manage and train security leaders and consultants in each country while responding to crisis scenarios.
  • Translate Wave's risk appetite into practical security frameworks that protect employees and enable rapid business growth.
  • Design security systems and processes across Wave while remaining hands-on during critical incidents.
  • Serve as Wave's primary crisis response leader for security incidents across all markets, providing 24/7 on-call support during emergencies.
  • Establish and maintain crisis response protocols, evacuation procedures, and emergency communication systems across operating countries.
  • Build and maintain business continuity plans.

Senegal

Security Operations Analyst

Booz Allen Hamilton

Booz Allen Hamilton is an award-winning provider of strategic innovation, management consulting, technology, and engineering services. Founded in 1914, the comp

Security Operations Analyst, Mid
Location: Huntsville, United States

Job Description:

The Opportunity:
Respond to and resolve cybersecurity incidents, and proactively prevent the reoccurrence of these incidents. Apply leading-edge principles, theories, and concepts. Contribute to the development of new principles and concepts. Work on unusually complex problems and provide highly innovative solutions. Operate with substantial latitude for unreviewed action or decision. Mentor or supervise employees and technical competencies.

You Have:
- 5+ years of experience supporting Information Technology or Intelligence Operations
- Experience supporting a Computer Incident Response Team, Cyber Network Operations, or Security Operations Center (SOC) operations for a large and complex enterprise
- Experience with Intelligence Driven Defense, Cyber Kill Chain methodology, or MITRE ATT&CK framework
- Knowledge of industry-accepted standards for incident response actions and best practices for SOC operations
- Knowledge of security operation tools, including SIMs or DCAP analysis
- Knowledge of intrusion set tactics, techniques, and procedures
- Top Secret clearance
- Bachelor's degree

Nice If You Have:
- Experience with Microsoft Sentinel
- Experience with Splunk
- TS/SCI clearance with a polygraph
- GIAC Continuous Monitoring (GMON) Certification
- GIAC Certified Incident Handler (GCIH) Certification
- GIAC Certified Forensic Analyst (GCFA) Certification
- GIAC Certified Intrusion Analyst (GCIA) Certification
- GIAC Network Forensic Analyst (GNFA) Certification
- GIAC Cloud Threat Detection (GCTD) Certification
- GIAC Cloud Forensics Responder (GCFR) Certification

Clearance:
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Top Secret clearance is required.

Compensation
At Booz Allen, we celebrate your contributions, provide you with opportunities and choices, and support your total well-being. Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, work-life programs, and dependent care. Our recognition awards program acknowledges employees for exceptional performance and superior demonstration of our values. Full-time and part-time employees working at least 20 hours a week on a regular basis are eligible to participate in Booz Allen's benefit programs. Individuals that do not meet the threshold are only eligible for select offerings, not inclusive of health benefits. We encourage you to learn more about our total benefits by visiting the Resource page on our Careers site and reviewing Our Employee Benefits page. Salary at Booz Allen is determined by various factors, including but not limited to location, the individual's particular combination of education, knowledge, skills, competencies, and experience, as well as contract-specific affordability and organizational requirements. The projected compensation range for this position is $61,900.00 to $141,000.00 (annualized USD). The estimate displayed represents the typical salary range for this position and is just one component of Booz Allen's total compensation package for employees. This posting will close within 90 days from the Posting Date.

Identity Statement
As part of the hiring process, we will ask you to complete an identity verification process that leverages advanced biometrics and artificial intelligence to ensure authenticity and protect against identity fraud. You are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud.

Candidate AI Usage Policy
AI is a part of our daily work at Booz Allen, and we are committed to the responsible and ethical use of AI tools. However, we want to ensure a fair candidate process based on your own skills and knowledge. As part of this commitment, the use of artificial intelligence (AI) or other tools to assist with responses during interviews (whether in-person or virtual) is prohibited unless permission is explicitly provided.

Work Model
Our people-first culture prioritizes the benefits of collaboration, whether it occurs in person or virtually. To support engagement and effective communication, employees working virtually are generally expected to have their cameras on during meetings.
- Remote: If this position is listed as remote, there may still be occasions when you are required to work in person at a Booz Allen or customer facility.
- Hybrid: If this position is listed as hybrid, you will be expected to work from a Booz Allen facility frequently, in alignment with leadership expectations and the needs of the role. You may also be required to work from or visit a customer facility.
- Onsite: If this position is listed as onsite, work will primarily be performed at a Booz Allen office or customer facility, where employees will collaborate directly with colleagues and customers as required by the role.

Commitment to Non-Discrimination
All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, local, or international law.

Alabama
$61.9K - $141K / year