Senior Incident Response Analyst

Tetrad Digital Integrity LLCArlington, VA
Hybrid

About The Position

Tetrad Digital Integrity (TDI) is a cybersecurity firm built for high-consequence environments where mission, complexity, and trust intersect. Our single focus has been delivering cyber solutions to effectively manage risk & the business of cyber for 25 years! TDI is seeking a Senior Incident Response Analyst to join our team in support of a mission-critical government program. As part of the Security Operations Center, you will help monitor, detect, investigate, and respond to cybersecurity threats affecting a large-scale enterprise environment while supporting coordinated incident response across multiple organizations. This position is hybrid with commute to the Arlington, VA area.

Requirements

  • Ability to obtain Public Trust clearance and successfully complete the EOD process.
  • Candidates must possess at least one of the following certifications: GIAC: GCIH, GCIA, GCFA, GCFE, GREM, or GPEN, CISSP, OSCP, OSCE, or OSWP.
  • Bachelor's degree in Computer Science, Engineering, Information Technology, Cybersecurity, or a related field and 12–15 years of relevant experience.
  • Must have technical hands-on experience in the areas of incident detection and response, malware analysis, or computer forensics.
  • Expertise with Windows and Linux operating systems, enterprise networking, common protocols, and security infrastructure (firewalls, proxies, VPNs, load balancers).
  • Demonstrated experience investigating cyber incidents, performing root cause analysis, identifying attacker TTPs, and leveraging frameworks such as MITRE ATT&CK and the Cyber Kill Chain.
  • Proficiency in Python, PowerShell, Bash, or similar scripting languages to support security automation and incident response.

Nice To Haves

  • Experience in cyber government, and/or federal law enforcement FISMA systems.

Responsibilities

  • Lead and coordinate cyber incident response activities across the full Incident Response lifecycle, including investigation, containment, eradication, and recovery.
  • Analyze security events, logs, network traffic, endpoint telemetry, and forensic artifacts to determine the scope, root cause, and impact of cyber incidents.
  • Identify adversary tactics, techniques, and procedures (TTPs) and develop indicators of compromise (IOCs) to improve threat detection and response.
  • Develop, maintain, and enhance Incident Response processes, playbooks, workflows, and standard operating procedures (SOPs).
  • Configure, tune, and optimize security technologies, including SIEM, EDR, IDS/IPS, and related monitoring tools, to improve detection accuracy and reduce false positives.
  • Create and maintain detection content, including correlation rules, use cases, signatures, alerts, and automation scripts to strengthen SOC monitoring capabilities.
  • Document investigations, response activities, and findings within case management systems, producing clear incident reports and after-action documentation.
  • Establish and track SOC performance metrics and key performance indicators (KPIs) to measure operational effectiveness and support continuous improvement.
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service