Incident Response Analyst

7 days ago


Washington, DC, United States | Cyber Synergy | Full time

Incident Response Analyst (Task 4 – Federal Cybersecurity Contract)

Location: Remote with occasional on-site (Washington, D.C. Metro Area)

Employment Type: Full-Time

Clearance: Public Trust (or eligibility to obtain)

We are seeking an experienced Incident Response Analyst to support Task 4 – Incident Response Management on a federal cybersecurity services contract. This role provides front-line security event triage, investigation, reporting, and coordination across multiple federal cybersecurity teams.

The ideal candidate has hands-on experience with enterprise IR tooling (CrowdStrike, FireEye/Trellix, Splunk, NetWitness, and Magnet AXIOM) and is comfortable working in a high-tempo operational environment aligned with federal cybersecurity requirements (NIST guidance, FISMA, and OMB directives).

Key Responsibilities
  • Perform initial triage of security events from SIEM, EDR, NDR, and log sources, including CrowdStrike, FireEye/Trellix, Splunk, NetWitness, and related platforms.

  • Conduct incident investigations, including host and network forensics, log analysis, and evidence review using tools such as NetWitness and AXIOM.

  • Coordinate closely with HHS CSIRC, OpDiv incident response teams, system owners, and security engineering staff to validate findings and recommend containment actions.

  • Provide daily updates, SITREPs, and written documentation of incident status, investigative steps, and remediation recommendations.

  • Develop incident dashboards and knowledge base documentation within Splunk and other IR platforms.

  • Support containment, eradication, and recovery efforts aligned to federal IR procedures.

  • Participate in tabletop exercises, readiness assessments, and operational continuity testing.

  • Monitor and manage the Incident Response Team (IRT) mailbox; escalate urgent items within required SLAs.

  • Assist with audit support, evidence gathering, and post-incident reviews.

  • Contribute to continuous improvement of incident response processes and playbooks.

Required Qualifications
  • 2–5+ years of experience in cybersecurity operations, SOC analysis, or incident response.

  • Direct hands-on experience with IR tools, including:

    • CrowdStrike Falcon (EDR)

    • FireEye/Trellix (HX, Helix, or equivalent)

    • Splunk (SIEM, dashboards, search queries)

    • NetWitness (network forensics, packet analysis)

    • Magnet AXIOM (host forensics)

  • Strong understanding of adversary techniques, malware behavior, incident timelines, and forensic artifacts.

  • Familiarity with NIST SP 800-61 (incident handling), NIST SP 800-53 (security and privacy controls), FISMA, and OMB guidance.

  • Ability to clearly document investigations and communicate findings to technical and non-technical audiences.

  • Eligibility to obtain and maintain a Public Trust clearance.

Preferred Qualifications
  • Experience supporting federal agencies (HHS, DHS, DoD, DOJ, etc.).

  • Certifications such as Security+, CySA+, CEH, GCIH, GCIA, CHFI, or related.

  • Experience performing threat hunting across EDR, SIEM, and NDR tools.

  • Familiarity with packet analysis tools (Wireshark) and scripting languages (Python, PowerShell).

  • Experience with ServiceNow or similar ticketing platforms.

Work Schedule & Expectations
  • Core hours: 7:00 AM – 5:00 PM Eastern Time, Monday through Friday, with flexibility to support after-hours incidents as needed.

  • Participation in on-call rotations may be required.

  • Remote work permitted with reliable connectivity and camera-enabled participation.
