Search Remote Jobs

Senior Incident Response Analyst

Job not on LinkedIn

🔥 1 hour ago

🇺🇸 United States – Remote

💵 $160k - $170k / year

⏰ Full Time

🟠 Senior

🚨 Incident Response Analyst

Apply Now
Find Similar Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Logo of Cherokee Federal

Cherokee Federal

5001 - 10000 employees

Founded 1969

🏛️ Government

🔐 Security

🏢 Enterprise

Government • Security • Enterprise

Cherokee Federal is a U. S. federal systems integrator and government contractor that empowers mission success for more than 60 U. S. federal agencies. With a global workforce of over 5,000, it delivers advanced technology (cloud, cybersecurity, data & analytics), health services, intelligence analysis and operational support, logistics and sustainment, mission-critical manufacturing, program and engineering technical services, and dynamic contracting solutions to support federal priorities and national security. Cherokee Federal is part of Cherokee Nation Businesses and focuses on mission-focused, U. S. -made solutions.

📋 Description

• Investigate, triage, analyze, contain, eradicate, and support recovery activities for cybersecurity incidents across enterprise and cloud environments. • Perform detailed analysis of security events generated by SIEM, EDR/XDR, IDS/IPS, cloud-native security tools, and endpoint technologies. • Collaborate with Security Operations and Splunk Detection Engineering teams to improve detection content, tune alerts, reduce false positives, and enhance detection effectiveness. • Conduct proactive threat hunting using threat intelligence, behavioral analytics, and MITRE ATT&CK techniques. • Perform root cause analysis and recommend corrective and preventive actions. • Document investigation findings, incident timelines, lessons learned, and technical reports. • Assist in developing and maintaining Incident Response playbooks, SOPs, and workflows. • Support digital evidence collection and basic forensic activities while maintaining chain of custody. • Participate in security assessments, architecture reviews, tabletop exercises, phishing simulations, and readiness activities. • Support security reviews of IT systems, applications, and cloud services. • Assist with cybersecurity policies, standards, and operational procedures. • Collaborate with Cloud Security, Vulnerability Management, Infrastructure, and Application teams. • Monitor incident metrics and contribute to operational reporting. • Stay current on emerging threats and industry best practices. • Performs other job-related duties as assigned.

🎯 Requirements

• 5+ years of cybersecurity experience with at least 3 years in Incident Response, Security Operations, Threat Hunting, or Detection Engineering. • Hands-on experience investigating Windows, Linux, cloud, identity, and network incidents. • Experience with SIEM platforms such as Splunk ES, Microsoft Sentinel, QRadar, or similar. • Experience with EDR/XDR platforms such as Microsoft Defender, CrowdStrike, SentinelOne, or similar. • Knowledge of AWS GuardDuty, Security Hub, Azure Defender, or equivalent cloud security tools. • Strong understanding of MITRE ATT&CK and the incident response lifecycle. • Experience with log analysis, malware triage, threat hunting, and root cause analysis. • Strong written and verbal communication skills. • Ability to thrive in a fast-paced operational environment. • Experience with Splunk Enterprise Security correlation searches and detection tuning preferred. • Familiarity with Splunk SOAR or similar orchestration platforms preferred. • Experience supporting phishing investigations and tabletop exercises preferred. • Knowledge of FISMA, FedRAMP, NIST RMF, NIST 800-61, and NIST CSF preferred. • Python or PowerShell scripting experience preferred. • GCIH, GCIA, GCFA, CISSP, Security+, CySA+, or CEH certifications preferred. • Must be eligible to obtain and maintain a Public Trust. • Past applicable job experience may include, but is not limited to: Incident Response Analyst, Cybersecurity Analyst, Security Operations Center (SOC) Analyst, Threat Hunter, Detection Engineer, and Cyber Incident Responder. • Must pass pre-employment qualifications of Cherokee Federal.

🏖️ Benefits

• Medical • Dental • Vision • 401K • Other possible benefits as provided. Benefits are subject to change with or without notice.

Apply Now

Similar Jobs

🕒 6 days ago

Accuserve Solutions

201 - 500

🏠 Real Estate

🏢 Enterprise

Managed Repair Analyst II responsible for effective customer service in the insurance industry. Handling reconstruction processes and ensuring compliance with industry standards remotely from anywhere in the USA.

🇺🇸 United States – Remote

💵 $60k - $65k / year

⏰ Full Time

🟡 Mid-level

🟠 Senior

🚨 Incident Response Analyst