2038 Cleared Incident Response Analyst (TS/SCI Required)

*US CITIZENSHIP REQUIRED
*TOP SECRET CLEARANCE WITH SCI ELIGIBILITY AND/OR SPECIAL ACCESS REQUIRED
*THIS POSITION IS CONTINGENT UPON CONTRACT AWARD
*100% ON SITE AT POPE AFB, NC. REMOTE WORK IS NOT SUPPORTED

DESCRIPTION OF POSITION/DUTIES:
All Points is seeking an Incident Response Analyst (Journeyman) to support a Department of Defense mission at Pope Air Force Base (Pope AFB), NC. This is a contingent hire pending contract award and requires an active, current, and fully adjudicated U.S. Department of Defense Top Secret clearance with SCI eligibility and/or the ability to obtain special access. This position is 100% on site at Pope AFB, NC, with no remote or telework authorized.

The selected candidate will serve as an Incident Response Analyst responsible for monitoring, detecting, investigating, and responding to cybersecurity incidents across complex enterprise environments. This role operates at the journeyman level and requires the ability to independently perform incident response activities while coordinating with technical and security stakeholders in support of mission-critical systems.

Duties may include but are not limited to:

• Monitor, detect, and triage cybersecurity incidents across enterprise environments, including network boundaries and endpoint protection platforms.
• Conduct incident investigations, including forensic data collection, log analysis, and determination of incident scope and root cause.
• Execute containment, eradication, and recovery actions to minimize impact to mission-critical information systems.
• Produce detailed incident reports, post-incident reviews, and recommendations to enhance cybersecurity posture.
• Support maintenance and continuous improvement of incident response playbooks, tools, and procedures.
• Collaborate with cybersecurity architects, system administrators, and network engineers to support coordinated incident response efforts.
• Assist in maintaining continuous compliance with DoD Information Assurance (IA) policies, RMF requirements, and incident handling standards.
• Ensure adherence to established incident response procedures, documentation standards, and chain-of-custody requirements.
• Maintain accurate documentation for incident investigations, response actions, and recovery activities.
• Respond effectively to evolving cybersecurity threats in a dynamic operational environment.

EDUCATION:

• Minimum of a Bachelor's degree in a relevant technical discipline required.

YEARS OF EXPERIENCE:

• Minimum of 6 years of relevant cybersecurity or incident response experience.

SKILLS/CERTIFICATIONS:

• Experience supporting cybersecurity incident response operations in complex enterprise environments REQUIRED
• Experience conducting incident investigations, forensic analysis, and response activities REQUIRED
• Familiarity with SIEM platforms, endpoint detection and response tools, intrusion detection and prevention systems, and vulnerability management tools REQUIRED
• Experience operating in DoD controlled environments and supporting RMF-aligned cybersecurity operations REQUIRED
• DoD 8140 Workforce Role Category (WRC) 722 - ISSM (Intermediate) aligned certification REQUIRED, such as:
  • CISSP
  • CISM
  • CASP+
  • GSLC

Note: CompTIA Security+ alone does not meet the certification requirement for this role.

SECURITY CLEARANCE:

• U.S. Citizenship required
• Active, current, and fully adjudicated U.S. Department of Defense Top Secret clearance with SCI eligibility and/or special access required (interim clearances do not meet this requirement).

Positions with All Points are full time, direct positions, and we offer a comprehensive benefits package. For more information, please visit our Career Portal:
https://www.allpointsllc.com/careers/

ALL POINTS IS AN EQUAL OPPORTUNITY EMPLOYER