Incident Response Analyst

Cyber Synergy Consulting Group, Washington, DC
Remote

About The Position

We are seeking an experienced Incident Response Analyst to support Task 4 – Incident Response Management on a federal cybersecurity services contract. This role provides front-line security event triage, investigation, reporting, and coordination across multiple federal cybersecurity teams. The ideal candidate has hands-on experience with enterprise IR tooling (CrowdStrike, FireEye (Trellix), Splunk, NetWitness, and Magnet AXIOM) and is comfortable working in a high-tempo operational environment aligned with federal cybersecurity frameworks (NIST, FISMA, OMB).

Requirements

  • 2–5+ years of experience in cybersecurity operations, SOC analysis, or incident response.
  • Direct hands-on experience with IR tools, including:
      • CrowdStrike Falcon (EDR)
      • FireEye/Trellix (HX, Helix, or equivalent)
      • Splunk (SIEM, dashboards, search queries)
      • NetWitness (network forensics, packet analysis)
      • Magnet AXIOM (host forensics)
  • Strong understanding of adversary techniques, malware behavior, incident timelines, and forensic artifacts.
  • Familiarity with NIST 800-61, NIST 800-53, FISMA, and OMB guidance.
  • Ability to clearly document investigations and communicate findings to technical and non-technical audiences.
  • Eligibility to obtain and maintain a Public Trust clearance.

Nice To Haves

  • Experience supporting federal agencies (HHS, DHS, DoD, DOJ, etc.).
  • Certifications such as Security+, CySA+, CEH, GCIH, GCIA, CHFI, or related.
  • Experience performing threat hunting across EDR, SIEM, and NDR tools.
  • Familiarity with packet analysis tools (Wireshark) and scripting languages (Python, PowerShell).
  • Experience with ServiceNow or similar ticketing platforms.

Responsibilities

  • Perform initial triage of security events from SIEM, EDR, NDR, and log sources, including CrowdStrike, FireEye/Trellix, Splunk, NetWitness, and related platforms.
  • Conduct incident investigations, including host and network forensics, log analysis, and evidence review using tools such as NetWitness and AXIOM.
  • Coordinate closely with HHS CSIRC, OpDiv incident response teams, system owners, and security engineering staff to validate findings and recommend containment actions.
  • Provide daily updates, SITREPs, and written documentation of incident status, investigative steps, and remediation recommendations.
  • Develop incident dashboards and knowledge base documentation within Splunk and other IR platforms.
  • Support containment, eradication, and recovery efforts aligned to federal IR procedures.
  • Participate in tabletop exercises, readiness assessments, and operational continuity testing.
  • Monitor and manage the Incident Response Team (IRT) mailbox; escalate urgent items within required SLAs.
  • Assist with audit support, evidence gathering, and post-incident reviews.
  • Contribute to continuous improvement of incident response processes and playbooks.