Incident Response Analyst

Overview

ITDC is seeking an Incident Response Analyst Level II to execute the incident response lifecycle per NIST SP 800-61 across detection, triage, containment, eradication, and recovery for a federal cybersecurity program.

Responsibilities
  • Triage SIEM alerts, EDR detections, and analyst escalations.
  • Lead or co-lead containment, forensic collection, and recovery actions.
  • Author incident reports, chain-of-custody logs, and lessons-learned.
  • Coordinate with SOC, ISSO, system owners, and BOP/DOJ-directed reporting channels.

Required Qualifications
  • 5+ years of cyber incident response experience (derived).
  • Hands-on EDR (Defender, CrowdStrike, Carbon Black) and SIEM (Splunk, Sentinel) experience.
  • NIST SP 800-61, SP 800-86 chain-of-custody familiarity; Volatility, KAPE, Velociraptor.
  • Bachelor's degree (derived); GCIH, GCFA, CSIH, or Security+ preferred.

Desired Qualifications
  • Federal IR experience with US-CERT / CISA reporting.
  • PII breach response and BOP/DOJ Breach Response Team coordination.
  • Threat hunting and IOC development experience.

Job Ref 2026-0503-12
