New Carrollton, MD (On-Site/Office)
Zachary Piper Solutions is seeking an Incident Response Analyst to join a high-impact cybersecurity team supporting the IRS Cyber Security Incident Response Center (CSIRC). This role offers a unique opportunity to work in a non-tiered SOC environment where analysts have full access to all systems and tools, enabling deep learning and hands-on experience across the entire incident response lifecycle. This position will be onsite in New Carrollton, MD!
This will be a 6:00 am ET - 2:00 pm ET Shift!
Responsibilities of the Incident Response Analyst include:
• Analyze network log data using tools such as Splunk ES, FireEye, Zscaler, NetWitness, Wireshark, and the Linux CLI
• Perform proactive threat intelligence analysis using OSINT tools and techniques
• Conduct incident response, signature tuning, and alert triage (AV/IDS/other)
• Investigate and document incidents, correlate logs across multiple systems, and identify adversary TTPs
• Develop alerting criteria and improve detection capabilities across Windows and Linux environments
• Collaborate on scripting, automation, content development, malware analysis, and IoC extraction
• Establish baselines for network traffic and data flow to identify anomalies
• Support customer communications, RFIs, and incident follow-ups
Qualifications for the Incident Response Analyst include:
• 2-6 years of cybersecurity experience in SOC/CIRT environments
• Strong incident handling and investigation skills; this is a hands-on investigative role, not a monitoring-only seat
• Experience with Splunk SPL (Search Processing Language) for querying and analysis
• Proficiency in packet capture (PCAP) analysis using tools like Wireshark
• Solid understanding of networking fundamentals (OSI model, TCP/IP, DNS, firewalls, etc.)
• Strong knowledge of Windows and Linux operating systems and kernel-level operations
• Ability to obtain IRS Public Trust clearance (MBI review required; can start after initial approval)
Highly Preferred Qualifications:
• Experience with attacker methodology, red teaming, or penetration testing
• Scripting experience (Python preferred) for automation and threat detection
• Experience correlating logs from multiple sources and developing detection rules
• SANS GIAC certifications (e.g., GCIH, GCIA, GPEN)
• Malware analysis and IoC extraction experience
• Passion for cybersecurity demonstrated through extracurriculars (CTFs, Hack The Box, cyber clubs, home labs)
Compensation for the Incident Response Analyst includes:
• Salary Range: $80,000 - $100,000 ($40 - $50/hr), depending on experience
• Full Benefits: Medical, Dental, Vision, 401k, Paid Time Off, and Federal Holidays
This job opens for applications on 8/7/2025. Applications will be accepted for at least 30 days from the posting date.
Keywords:
Incident Response Analyst, SOC Analyst, Cyber Threat Intelligence, Splunk SPL, Wireshark, PCAP Analysis, Linux CLI, OSINT, IDS/IPS, FireEye, ZScaler, NetWitness, Python Scripting, Malware Analysis, IoC Extraction, SANS GIAC, Red Team, Penetration Testing, Cybersecurity Jobs, IRS CSIRC, Network Security, Threat Hunting, Log Correlation, Cyber Defense, Public Trust Clearance