Incident Response Analyst

About The Position

Requirements

• 10-12 years of hands-on cybersecurity experience within a SOC, including 6+ years in incident response or DFIR roles
• Demonstrated ability to lead major incidents affecting cloud infrastructure (AWS)
• Strong command of digital forensics methodologies (host, network, and cloud)
• Strong command of log and SIEM analysis (e.g., Splunk)
• Strong command of EDR platforms (e.g., Trellix)
• Strong command of network analytics and packet capture fundamentals
• Deep familiarity with MITRE ATT&CK, NIST SP 800-61, and cyber kill chain frameworks
• Excellent communication and situational leadership skills — able to brief executives under pressure
• U.S. Citizenship, must obtain Public Trust 6C.

Nice To Haves

• Relevant certifications, such as GCIA, GCFA, GCFE, GNFA, GCIH, GDAT
• Other vendors: Cybersecurity IR or forensic-focused certifications
• Experience mentoring responders and maturing SOC/IR capabilities
• Experience with MITRE ATT&CK, Threat Intelligence, Threat Hunting, Enterprise Logging, Cloud IR

Responsibilities

• Serve as the NGDC SOC’s technical authority during active cybersecurity incidents across hybrid cloud and on-prem environments.
• Direct responders, coordinate with enterprise stakeholders, and drive rapid containment and eradication of threats targeting the NGDC and FTII platforms.
• Support the SOC manager on the delivery of a daily brief to the FSA CISO.
• Master clear and concise verbal communications.

Benefits

• Medical, dental & vision
• Critical Illness, Accident, and Hospital
• 401(k) Retirement Plan – Pre-tax and Roth post-tax contributions available
• Life Insurance (Voluntary Life & AD&D for the employee and dependents)
• Short and long-term disability
• Health Spending Account (HSA)
• Transportation benefits
• Employee Assistance Program
• Time Off/Leave (PTO, Vacation or Sick Leave)