Tier III Analyst
Job LocationsUS-WV-Martinsburg | US-DC-Washington | US-TX-AustinRequisition ID
2024-144049Position Category
Cyber SecurityClearance
Public TrustSector
Defense Mission & Health Solutions
ResponsibilitiesWe are seeking a Tier III Analyst to join our Peraton team who will lead and actively participate in the investigation, analysis, and resolution of Tier 3 and escalated cybersecurity incidents.
What you'll do:
The Tier III Analyst is also responsible for the following but not limited to:
Analyze attack patterns, determine the root cause, and recommend appropriate remediation measures to prevent future occurrences
Serve as a subject matter expert in handling incidents of varying complexity, providing guidance and support to Tier 1 and Tier 2 analysts during investigations
Ensure accurate and detailed documentation of incident response activities, including analysis, actions taken, and lessons learned. Collaborate with knowledge management teams to maintain up-to-date incident response playbooks
Collaborate effectively with cross-functional teams, including forensics, threat intelligence, IT, and network administrators. Clearly communicate technical information and incident-related updates to management and stakeholders
Develop and operationalize advanced security analytics use cases to detect and respond to sophisticated cyber threats in real-time
Monitor the performance of security analytics and automation processes regularly, identifying areas for improvement and taking proactive measures to enhance their efficacy
Leverage Security Orchestration, Automation, and Response (SOAR) platforms to streamline and automate incident response processes, including enrichment, containment, and remediation actions
Support the mentoring and training of more junior IR staff
Stay informed about the latest cybersecurity threats, trends, and best practices. Actively participate in cybersecurity exercises, drills, and simulations to improve incident response capabilities
This role is on-site, some telework (25%) may be permitted.
Work location: Can be either one of the following:
Martinsburg, WV
Washington, D.C
Austin, TXShift: 2nd Shift (3pm-11:30PM EST); Tuesday - SaturdayQualificationsBasic Qualifications:
Minimum of 8 years with BS/BA; Minimum of 6 years with MS/MA; Minimum of 3 years with PhD (additional 4 years' experience can be substituted for BS/BA)
5+ years of experience supporting large-scale IT related projects.
3+ years of experience supporting incident response in an enterprise-level Security Operations Center (SOC)
A deep understanding of cybersecurity principles, incident response methodologies, and a proactive mindset to ensure our SOC operates effectively in a high-pressure environment.
Strong experience with security technologies, including SIEM, IDS/IPS, EDR, and network monitoring tools
Experience with enterprise ticketing systems like ServiceNow
Must have one of the following certifications (or equivalent) within 6 months of onboarding:
GIAC Certified Incident Handler
EC-Council's Certified Incident Handler (E|CIH)
GIAC Certified Incident Handler (GCIH)
Incident Handling & Response Professional (IHRP)
Certified Computer Security Incident Handler (CSIH)
Certified Incident Handling Engineer (CIHE)
Must be a US Citizen
Must have the ability to obtain a Public Trust For full info follow application link.We are an Equal Opportunity/Affirmative Action Employer. We consider applicants without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, or membership in any other group protected by federal, state, or local law.