Cybersecurity Incident Response & Threat Detection Analyst

Role Overview:

Be on the front line of defending enterprise systems from cyber threats. You’ll monitor cybersecurity tools 24/7 to detect, analyze, and respond to unauthorized activity. Your expertise will drive rapid identification and response to APTs and zero-day attacks while leveraging OSINT and threat intelligence to maintain an active defense posture.

Responsibilities:

• Monitor SIEM and security tools to detect cyber threats and anomalies

• Investigate suspicious activity and determine root cause of incidents

• Perform threat hunting for APTs and stealthy attacks

• Leverage threat intelligence (including OSINT) to inform detection

• Develop scripts and tools to enhance IR capabilities

• Apply Defense-in-Depth principles across environments

• Support enterprise deployment of cybersecurity tools and detection logic

Skills and Experience:

• 5+ years of relevant cybersecurity experience

• 2+ years of root cause analysis and IR experience

• Hands-on experience with at least two of: IDS/IPS, antivirus, firewalls, DLP, vulnerability scanners, forensics, malware analysis

• Strong scripting (SPL, PowerShell, Python preferred)

• Experience with MITRE ATT&CK and threat detection models

Education:

Bachelors preferred.

Must have Cybersecurity Service Provider – Incident Responder related certification (CEH, GCIA, GCIH, CSIH, CFR, or equivalent)

Must have or be able to obtain an I.T. skill certification within six (6) months

Security Clearance:

Active DoD Top Secret Clearance (or active Secret and eligible for a Top Secret Clearance)