Job Description
Description:
We are seeking a Senior Incident Response Analyst to support a Department of Defense cybersecurity mission in Pope, NC. This role supports cybersecurity operations protecting C2ISR Transport Infrastructure and National Security Systems (NSS) through advanced threat detection, incident response, and recovery.
The selected candidate will serve as a technical expert in cyber incident response, digital forensics, and threat intelligence, helping defend mission-critical DoD systems.
Key Responsibilities
- Lead and coordinate the full cyber incident response lifecycle including detection, analysis, containment, eradication, and recovery.
- Perform advanced threat analysis and digital forensics investigations.
- Monitor and analyze security events across C2ISR network environments.
- Develop and implement threat detection and prevention strategies.
- Support continuous monitoring and security operations.
- Provide cybersecurity guidance to engineering teams and leadership.
- Mentor junior and journeyman incident response analysts.
- Ensure compliance with incident response policies and security frameworks.
Technologies & Tools
Experience with tools such as:
Security Monitoring
- Splunk
- Microsoft Sentinel
Endpoint & Network Security
- Microsoft Defender for Endpoint
- SentinelOne
- Trellix
- Snort / Suricata / Zeek
Threat Intelligence & Vulnerability Tools
- MISP
- ThreatConnect
- Nessus
- Qualys
- OpenVAS
Incident Management & Automation
- ServiceNow
- Jira Service Desk
- SOAR platforms (Cortex XSOAR, Splunk Phantom)
Requirements:
Required Qualifications
- Active TS/SCI clearance
- Experience supporting DoD cybersecurity environments
- Experience with cyber incident response, threat intelligence, and digital forensics
- Experience with SIEM, EDR, IDS/IPS, and vulnerability management tools
- Familiarity with DoD cybersecurity frameworks and compliance standards
Certification Requirement
Candidates must meet DoD 8140 requirements and obtain a DoD-approved IA baseline certification for ADP-III / IT-III within six (6) months of assignment.
Desired Qualifications
- Experience supporting C2ISR or ISR mission systems
- Experience with security automation or SOAR platforms
- Experience mentoring cybersecurity personnel