Incident Handler Cyber Security

Job Category: IT and Technology
Job Type: Full Time
Job Location: USA
Company Name: Peraton

Company Overview

Peraton tackles the world’s toughest challenges by delivering innovative solutions. We partner with clients to achieve the seemingly impossible, bringing together top talent, technology, and fresh perspectives to transform how things are done. If you’re driven by unique ideas and an entrepreneurial spirit, join us and be part of something bigger – do the can’t be done.

Cyber Defense Operations Analyst at Peraton

About Peraton:

Peraton is a leading national security company focused on delivering critical mission capabilities and transformative IT solutions across all domains, from land to space and cyberspace. We partner with essential government agencies and the U.S. armed forces to solve their most complex challenges and ensure global security. At Peraton, we empower our employees to achieve the seemingly impossible.

About the Role:

Join our team as a Cyber Defense Operations Analyst within the Secure Division Support program. You will be responsible for providing critical Cybersecurity Service Provider (CSSP) functions, including identifying, protecting, detecting, responding to, and recovering from cyber threats on Department of Defense Information Networks (DODIN). This role involves 24/7 persistent monitoring, conducting initial cyber incident triage and analysis, recommending and implementing DCO-Internal Defensive Measures (IDM), and collaborating with various stakeholders. You will analyze security events, recommend mitigation strategies against Advanced Persistent Threats (APTs), manage security sensors, and maintain crucial documentation and reports.

Responsibilities Include:

  • Conducting initial triage and analysis of cyber incidents using various data sources.
  • Recommending and taking immediate DCO-IDM response actions.
  • Providing incident analysis and recommending mitigation measures against APTs.
  • Blocking/restricting access based on threat intelligence.
  • Providing recommendations to operations and maintenance teams for remediation.
  • Justifying IDMs and potential operational impacts to relevant authorities.
  • Monitoring security sensors and providing real-time event analysis and response.
  • Ensuring proper handling of trouble tickets and adhering to established procedures.
  • Providing initial cyber incident reports to Law Enforcement and Counterintelligence (LE/CI) agencies.
  • Maintaining a Master Station Log (MSL) for high-visibility incidents and shift communication.
  • Developing reports, TTPs, SOPs, and other relevant documentation.
  • Contributing to the development of agreements, policies, and guidance.

Qualifications:

  • Experience: 5 years with a BS/BA; 3 years with an MS/MA; 0 years with a PhD.
  • Certifications: GIAC Certified Incident Handler (GCIH) AND one of the following: CISSP, CompTIA CySA+, CFR, GCFA, GCIA, GDSA, GICSP, GSEC, or RCCE Level 1.
  • Experience collecting and analyzing event information and performing threat analysis.
  • Experience supporting 24/7 persistent monitoring operations of networks and systems.
  • Demonstrated ability to manage and execute first-level incident responses.
  • Comfortable reporting to and coordinating with external organizations.
  • Background in disseminating security advisories.
  • U.S. Citizenship required.
  • Active Top Secret security clearance.