Latitude inc

Incident Response Analyst

Arlington, VA (Full Time)
Incident Response Analyst - Eligibility for TS/SCI Clearance
Location: Arlington, VA

About the Opportunity
A leading provider of advanced cybersecurity research, software solutions, and engineering services is seeking an experienced Incident Response Analyst. This role supports high-impact cybersecurity operations across critical infrastructure environments, combining incident response, threat hunting, and technical analysis.

Role Overview
The Incident Response Analyst will support cybersecurity incidents within ICS, OT, and IT environments, working with a multidisciplinary team to protect critical infrastructure sectors such as water, power, and transportation. This role requires strong technical acumen, exceptional analytical skills, and the ability to operate in sensitive and mission-driven environments.

Key Responsibilities
Respond to cybersecurity incidents affecting ICS/OT/IT environments and provide recommendations to prevent recurrence
Apply traditional and advanced incident response tradecraft to critical infrastructure networks
Conduct in-depth technical operations and forensic analysis
Contribute sector expertise across utilities and transportation environments
Collaborate in a team setting to support mission requirements for incident response and threat hunting
Maintain accurate documentation of all findings and actions
Prepare and present incident reports for management and stakeholders
Stay current with cybersecurity trends, threat activity, and evolving tools

Required Qualifications
Bachelor’s degree with 8+ years of related experience, Master’s with 6+ years, or PhD with 3+ years; OR 12 years of technical experience in lieu of a degree
1–2 years of Threat Hunting or DFIR experience supporting Critical Infrastructure (CI) or Industrial Control Systems (ICS)
Scripting experience in Python, Bash, PowerShell, and/or JavaScript
Experience analyzing malicious applications across Linux, macOS, Windows, iOS, Android, and IoT devices
Experience conducting security site assessments and scoping activities
Hands-on experience with tools such as IDA Pro, OllyDbg, x64dbg, Scylla, objdump, readelf, Ghidra, Process Explorer, CFF Explorer, Wireshark, Fiddler, Regshot, Process Monitor, and Process Hacker
Familiarity with open source and commercial tools for event analysis and security operations
Experience using SIEM platforms for pattern identification, anomaly detection, and trend analysis
Experience analyzing industrial control system protocols (e.g., Modbus, ENIP/CIP, BACnet, DNP3)
Ability to obtain and maintain a DHS background investigation (EOD)