Job Requirements
Remote
Public Trust Polygraph Unspecified
Career Level not specified
$160,000 - $170,000
Job Description
Senior Incident Response Analyst
The Senior Incident Response Analyst is a hands-on cybersecurity professional responsible for identifying, investigating, containing, and supporting the remediation of cybersecurity incidents across enterprise environments. Working closely with Security Operations, Detection Engineering, Cloud Security, and Vulnerability Management teams, this role helps protect mission-critical systems through rapid incident response, threat analysis, proactive threat hunting, and continuous process improvement.
The successful candidate will play a key role in strengthening the organization's cyber defense capabilities by improving incident response processes, supporting detection engineering efforts, participating in threat hunting activities, and helping mature overall security operations.
Compensation & Benefits:
Estimated Starting Salary Range for Senior Incident Response Analyst: $160,000-$170,000
Pay commensurate with experience.
Full-time benefits include Medical, Dental, Vision, 401K, and other possible benefits as provided. Benefits are subject to change with or without notice.
Senior Incident Response Analyst Responsibilities Include:
Senior Incident Response Analyst Experience, Education, Skills, Abilities requested:
Company Information:
Criterion is a part of Cherokee Federal - a team of tribally owned federal contracting companies supporting mission-critical programs across the federal sector.
Similar searchable job titles:
Keywords:
#CherokeeFederal #LI #AppC2
Cherokee Federal is a military friendly employer. Veterans and active military transitioning to civilian status are encouraged to apply.
Legal Disclaimer: Cherokee Federal is an equal opportunity employer. Please visit cherokee-federal.com/careers for information regarding our Affirmative Action and Equal Opportunity Employer Statement, Accommodation request, and Presidential EO 14042 Notice.
The Senior Incident Response Analyst is a hands-on cybersecurity professional responsible for identifying, investigating, containing, and supporting the remediation of cybersecurity incidents across enterprise environments. Working closely with Security Operations, Detection Engineering, Cloud Security, and Vulnerability Management teams, this role helps protect mission-critical systems through rapid incident response, threat analysis, proactive threat hunting, and continuous process improvement.
The successful candidate will play a key role in strengthening the organization's cyber defense capabilities by improving incident response processes, supporting detection engineering efforts, participating in threat hunting activities, and helping mature overall security operations.
Compensation & Benefits:
Estimated Starting Salary Range for Senior Incident Response Analyst: $160,000-$170,000
Pay commensurate with experience.
Full-time benefits include Medical, Dental, Vision, 401K, and other possible benefits as provided. Benefits are subject to change with or without notice.
Senior Incident Response Analyst Responsibilities Include:
- Investigate, triage, analyze, contain, eradicate, and support recovery activities for cybersecurity incidents across enterprise and cloud environments.
- Perform detailed analysis of security events generated by SIEM, EDR/XDR, IDS/IPS, cloud-native security tools, and endpoint technologies.
- Collaborate with Security Operations and Splunk Detection Engineering teams to improve detection content, tune alerts, reduce false positives, and enhance detection effectiveness.
- Conduct proactive threat hunting using threat intelligence, behavioral analytics, and MITRE ATT&CK techniques.
- Perform root cause analysis and recommend corrective and preventive actions.
- Document investigation findings, incident timelines, lessons learned, and technical reports.
- Assist in developing and maintaining Incident Response playbooks, SOPs, and workflows.
- Support digital evidence collection and basic forensic activities while maintaining chain of custody.
- Participate in security assessments, architecture reviews, tabletop exercises, phishing simulations, and readiness activities.
- Support security reviews of IT systems, applications, and cloud services.
- Assist with cybersecurity policies, standards, and operational procedures.
- Collaborate with Cloud Security, Vulnerability Management, Infrastructure, and Application teams.
- Monitor incident metrics and contribute to operational reporting.
- Stay current on emerging threats and industry best practices.
- Performs other job-related duties as assigned.
Senior Incident Response Analyst Experience, Education, Skills, Abilities requested:
- 5+ years of cybersecurity experience with at least 3 years in Incident Response, Security Operations, Threat Hunting, or Detection Engineering.
- Hands-on experience investigating Windows, Linux, cloud, identity, and network incidents.
- Experience with SIEM platforms such as Splunk ES, Microsoft Sentinel, QRadar, or similar.
- Experience with EDR/XDR platforms such as Microsoft Defender, CrowdStrike, SentinelOne, or similar.
- Knowledge of AWS GuardDuty, Security Hub, Azure Defender, or equivalent cloud security tools.
- Strong understanding of MITRE ATT&CK and the incident response lifecycle.
- Experience with log analysis, malware triage, threat hunting, and root cause analysis.
- Strong written and verbal communication skills.
- Ability to thrive in a fast-paced operational environment.
- Experience with Splunk Enterprise Security correlation searches and detection tuning preferred.
- Familiarity with Splunk SOAR or similar orchestration platforms preferred.
- Experience supporting phishing investigations and tabletop exercises preferred.
- Knowledge of FISMA, FedRAMP, NIST RMF, NIST 800-61, and NIST CSF preferred.
- Python or PowerShell scripting experience preferred.
- GCIH, GCIA, GCFA, CISSP, Security+, CySA+, or CEH certifications preferred.
- Must be eligible to obtain and maintain a Public Trust.
- Past applicable job experience may include, but is not limited to: Incident Response Analyst, Cybersecurity Analyst, Security Operations Center (SOC) Analyst, Threat Hunter, Detection Engineer, and Cyber Incident Responder.
- Must pass pre-employment qualifications of Cherokee Federal.
Company Information:
Criterion is a part of Cherokee Federal - a team of tribally owned federal contracting companies supporting mission-critical programs across the federal sector.
Similar searchable job titles:
- Senior Incident Response Analyst
- Senior Cybersecurity Analyst
- Senior SOC Analyst
- Cyber Incident Response Analyst
- Cybersecurity Incident Responder
- Threat Hunter
- Detection Engineer
- Security Operations Analyst
- Senior Security Operations Analyst
- Cyber Defense Analyst
Keywords:
- Incident Response
- Cybersecurity
- Security Operations
- SOC
- Threat Hunting
- Detection Engineering
- SIEM
- Splunk Enterprise Security (Splunk ES)
- Microsoft Sentinel
- QRadar
- EDR/XDR
#CherokeeFederal #LI #AppC2
Cherokee Federal is a military friendly employer. Veterans and active military transitioning to civilian status are encouraged to apply.
Legal Disclaimer: Cherokee Federal is an equal opportunity employer. Please visit cherokee-federal.com/careers for information regarding our Affirmative Action and Equal Opportunity Employer Statement, Accommodation request, and Presidential EO 14042 Notice.
group id: 10215765F
Who We Are