Title: Senior Incident Response Analyst (Temp-to-Perm). Highly prefer EST or Central Time Zone.
We are seeking a highly experienced Incident Response Analyst for a temp-to-perm opportunity supporting enterprise-level cyber defense operations. The ideal candidate has deep experience in incident response, cybersecurity analysis, and threat detection across complex environments.
Responsibilities:
• Support the identification, containment, eradication, and recovery of sophisticated level 2 and level 3 security incidents.
• Provide technical guidance to cyber defense teams and assist in the resolution of complex incidents.
• Analyze host logs, network traffic logs, firewall data, IDS/IPS alerts, and other telemetry to identify threats and vulnerabilities.
• Coordinate incident response activities across internal IT teams, MSSPs, third-party vendors, and business units.
• Perform incident triage including determining scope, urgency, and potential business impact.
• Track and document incidents from detection through final resolution.
• Collect and analyze intrusion artifacts, including malware samples and suspicious files.
• Maintain and update incident management and ticketing systems with accurate and timely information.
• Recommend short- and long-term improvements to security controls and IR processes.
• Collaborate with intelligence analysts to correlate threat data and enhance detection capabilities.
• Contribute to the development and maintenance of incident response procedures and playbooks.
• Produce clear reports, guidance, and after-action summaries for stakeholders.
• Conduct trend analysis on incidents and recurring threat activity.
Required Experience:
• 8+ years in a cyber defense, incident response, or cybersecurity analyst role, or a bachelor’s degree with 4+ years of relevant experience.
• Strong experience leading or supporting IR for medium to high-complexity incidents.
• Expert-level proficiency with EDR platforms.
• Hands-on experience with Splunk, correlation searches, and enterprise security monitoring.
• Familiarity with ESAs, open-source malware analysis tools, and sandboxing technologies.
• Strong understanding of network fundamentals, threat vectors, and the full incident lifecycle.
• Ability to handle multiple incidents simultaneously while maintaining accurate documentation.
Preferred Qualifications:
• Relevant GIAC certifications such as GCIH, GSEC, GCIA, or GCFE.
• Experience in capture-the-flag competitions or similar hands-on skills development.
Compensation:
• Salary for the permanent position is targeted at approximately $140,000 annually, depending on experience.