Sr. Incident Response Analyst

Cherokee FederalUnited States,
$160,000 - $170,000

About The Position

The Senior Incident Response Analyst is a hands-on cybersecurity professional responsible for identifying, investigating, containing, and supporting the remediation of cybersecurity incidents across enterprise environments. Working closely with Security Operations, Detection Engineering, Cloud Security, and Vulnerability Management teams, this role helps protect mission-critical systems through rapid incident response, threat analysis, proactive threat hunting, and continuous process improvement. The successful candidate will play a key role in strengthening the organization’s cyber defense capabilities by improving incident response processes, supporting detection engineering efforts, participating in threat hunting activities, and helping mature overall security operations.

Requirements

  • 5+ years of cybersecurity experience with at least 3 years in Incident Response, Security Operations, Threat Hunting, or Detection Engineering.
  • Hands-on experience investigating Windows, Linux, cloud, identity, and network incidents.
  • Experience with SIEM platforms such as Splunk ES, Microsoft Sentinel, QRadar, or similar.
  • Experience with EDR/XDR platforms such as Microsoft Defender, CrowdStrike, SentinelOne, or similar.
  • Knowledge of AWS GuardDuty, Security Hub, Azure Defender, or equivalent cloud security tools.
  • Strong understanding of MITRE ATT&CK and the incident response lifecycle.
  • Experience with log analysis, malware triage, threat hunting, and root cause analysis.
  • Strong written and verbal communication skills.
  • Ability to thrive in a fast-paced operational environment.
  • Must be eligible to obtain and maintain a Public Trust.
  • Must pass pre-employment qualifications of Cherokee Federal.

Nice To Haves

  • Experience with Splunk Enterprise Security correlation searches and detection tuning preferred.
  • Familiarity with Splunk SOAR or similar orchestration platforms preferred.
  • Experience supporting phishing investigations and tabletop exercises preferred.
  • Knowledge of FISMA, FedRAMP, NIST RMF, NIST 800-61, and NIST CSF preferred.
  • Python or PowerShell scripting experience preferred.
  • GCIH, GCIA, GCFA, CISSP, Security+, CySA+, or CEH certifications preferred.
  • Past applicable job experience may include, but is not limited to: Incident Response Analyst, Cybersecurity Analyst, Security Operations Center (SOC) Analyst, Threat Hunter, Detection Engineer, and Cyber Incident Responder.

Responsibilities

  • Investigate, triage, analyze, contain, eradicate, and support recovery activities for cybersecurity incidents across enterprise and cloud environments.
  • Perform detailed analysis of security events generated by SIEM, EDR/XDR, IDS/IPS, cloud-native security tools, and endpoint technologies.
  • Collaborate with Security Operations and Splunk Detection Engineering teams to improve detection content, tune alerts, reduce false positives, and enhance detection effectiveness.
  • Conduct proactive threat hunting using threat intelligence, behavioral analytics, and MITRE ATT&CK techniques.
  • Perform root cause analysis and recommend corrective and preventive actions.
  • Document investigation findings, incident timelines, lessons learned, and technical reports.
  • Assist in developing and maintaining Incident Response playbooks, SOPs, and workflows.
  • Support digital evidence collection and basic forensic activities while maintaining chain of custody.
  • Participate in security assessments, architecture reviews, tabletop exercises, phishing simulations, and readiness activities.
  • Support security reviews of IT systems, applications, and cloud services.
  • Assist with cybersecurity policies, standards, and operational procedures.
  • Collaborate with Cloud Security, Vulnerability Management, Infrastructure, and Application teams.
  • Monitor incident metrics and contribute to operational reporting.
  • Stay current on emerging threats and industry best practices.
  • Performs other job-related duties as assigned.

Benefits

  • Medical
  • Dental
  • Vision
  • 401K
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service