
5001 - 10000 employees
Founded 1969
đď¸ Government
đ Security
đ˘ Enterprise
Government ⢠Security ⢠Enterprise
Cherokee Federal is a U. S. federal systems integrator and government contractor that empowers mission success for more than 60 U. S. federal agencies. With a global workforce of over 5,000, it delivers advanced technology (cloud, cybersecurity, data & analytics), health services, intelligence analysis and operational support, logistics and sustainment, mission-critical manufacturing, program and engineering technical services, and dynamic contracting solutions to support federal priorities and national security. Cherokee Federal is part of Cherokee Nation Businesses and focuses on mission-focused, U. S. -made solutions.
đĽ 1 hour ago
đşđ¸ United States â Remote
đľ $160k - $170k / year
â° Full Time
đ Senior
đ¨ Incident Response Analyst
Improve your chances of getting an interview by checking your resume score before you apply.

5001 - 10000 employees
Founded 1969
đď¸ Government
đ Security
đ˘ Enterprise
Government ⢠Security ⢠Enterprise
Cherokee Federal is a U. S. federal systems integrator and government contractor that empowers mission success for more than 60 U. S. federal agencies. With a global workforce of over 5,000, it delivers advanced technology (cloud, cybersecurity, data & analytics), health services, intelligence analysis and operational support, logistics and sustainment, mission-critical manufacturing, program and engineering technical services, and dynamic contracting solutions to support federal priorities and national security. Cherokee Federal is part of Cherokee Nation Businesses and focuses on mission-focused, U. S. -made solutions.
⢠Investigate, triage, analyze, contain, eradicate, and support recovery activities for cybersecurity incidents across enterprise and cloud environments. ⢠Perform detailed analysis of security events generated by SIEM, EDR/XDR, IDS/IPS, cloud-native security tools, and endpoint technologies. ⢠Collaborate with Security Operations and Splunk Detection Engineering teams to improve detection content, tune alerts, reduce false positives, and enhance detection effectiveness. ⢠Conduct proactive threat hunting using threat intelligence, behavioral analytics, and MITRE ATT&CK techniques. ⢠Perform root cause analysis and recommend corrective and preventive actions. ⢠Document investigation findings, incident timelines, lessons learned, and technical reports. ⢠Assist in developing and maintaining Incident Response playbooks, SOPs, and workflows. ⢠Support digital evidence collection and basic forensic activities while maintaining chain of custody. ⢠Participate in security assessments, architecture reviews, tabletop exercises, phishing simulations, and readiness activities. ⢠Support security reviews of IT systems, applications, and cloud services. ⢠Assist with cybersecurity policies, standards, and operational procedures. ⢠Collaborate with Cloud Security, Vulnerability Management, Infrastructure, and Application teams. ⢠Monitor incident metrics and contribute to operational reporting. ⢠Stay current on emerging threats and industry best practices. ⢠Performs other job-related duties as assigned.
⢠5+ years of cybersecurity experience with at least 3 years in Incident Response, Security Operations, Threat Hunting, or Detection Engineering. ⢠Hands-on experience investigating Windows, Linux, cloud, identity, and network incidents. ⢠Experience with SIEM platforms such as Splunk ES, Microsoft Sentinel, QRadar, or similar. ⢠Experience with EDR/XDR platforms such as Microsoft Defender, CrowdStrike, SentinelOne, or similar. ⢠Knowledge of AWS GuardDuty, Security Hub, Azure Defender, or equivalent cloud security tools. ⢠Strong understanding of MITRE ATT&CK and the incident response lifecycle. ⢠Experience with log analysis, malware triage, threat hunting, and root cause analysis. ⢠Strong written and verbal communication skills. ⢠Ability to thrive in a fast-paced operational environment. ⢠Experience with Splunk Enterprise Security correlation searches and detection tuning preferred. ⢠Familiarity with Splunk SOAR or similar orchestration platforms preferred. ⢠Experience supporting phishing investigations and tabletop exercises preferred. ⢠Knowledge of FISMA, FedRAMP, NIST RMF, NIST 800-61, and NIST CSF preferred. ⢠Python or PowerShell scripting experience preferred. ⢠GCIH, GCIA, GCFA, CISSP, Security+, CySA+, or CEH certifications preferred. ⢠Must be eligible to obtain and maintain a Public Trust. ⢠Past applicable job experience may include, but is not limited to: Incident Response Analyst, Cybersecurity Analyst, Security Operations Center (SOC) Analyst, Threat Hunter, Detection Engineer, and Cyber Incident Responder. ⢠Must pass pre-employment qualifications of Cherokee Federal.
⢠Medical ⢠Dental ⢠Vision ⢠401K ⢠Other possible benefits as provided. Benefits are subject to change with or without notice.
Apply Nowđ 6 days ago
Managed Repair Analyst II responsible for effective customer service in the insurance industry. Handling reconstruction processes and ensuring compliance with industry standards remotely from anywhere in the USA.
đşđ¸ United States â Remote
đľ $60k - $65k / year
â° Full Time
đĄ Mid-level
đ Senior
đ¨ Incident Response Analyst