Cyber Incident Responder

We are seeking a motivated Incident Responder to support cyber defense operations for systems critical to NASA missions and national security.

This role is ideal for cybersecurity professionals with approximately 3 years of hands-on experience looking to deepen their skills in incident response within a high-impact government environment. You will work alongside experienced analysts to investigate alerts, respond to incidents, and strengthen overall security operations.

Mission Impact

• Support the protection of systems enabling space exploration and scientific missions
• Assist in defending high-value government infrastructure from evolving cyber threats
• Contribute to incident response efforts against real-world adversaries, including APT activity
• Gain experience operating in a mission-driven, security-focused environment

Key Responsibilities

• Monitor and triage security alerts from SIEM and EDR platforms
• Investigate potential incidents and escalate as appropriate
• Support containment and remediation activities during cyber incidents
• Perform log analysis across network, endpoint, and cloud environments
• Maintain proper documentation and chain-of-custody for investigations
• Collaborate with senior analysts, threat hunters, and engineering teams
• Assist in improving detection and response processes

• ~3 years of experience in incident response, SOC operations, or related cybersecurity roles
• Experience with tools such as SentinelOne, Splunk, or Microsoft Defender
• Basic understanding of incident handling processes and workflows
• Bachelor's degree in a related field (or equivalent experience)
• One or more relevant certifications (CySA+, Security+, GCIH, PenTest+, or similar)
• Active Secret clearance

Preferred Qualifications

• Familiarity with MITRE ATT&CK framework and common adversary techniques
• Experience analyzing logs and correlating security events
• Exposure to malware analysis, threat hunting, or digital forensics
• Strong attention to detail and ability to manage multiple tasks
• Active TS/SCI clearance, * Bachelor's (Required), * APT Hunting: 3 years (Preferred)
• Penetration testing: 3 years (Preferred)
• Digital Forensics: 3 years (Preferred)
• Incident response: 3 years (Preferred)
• SOC Operations: 3 years (Preferred)

Security clearance:

• Secret (Preferred)

Ability to Commute:

• Huntsville, AL 35816 (Required)

401(k), Health insurance, 401(k) matching, Paid time off, Vision insurance, Life insurance, * 401(k)

• 401(k) matching
• Health insurance
• Life insurance
• Paid time off
• Vision insurance

TekFive is dedicated to empowering federal agencies through innovative IT automation, cloud provisioning, and enterprise application management. We specialize in delivering proven solutions within the Federal space, focusing on DevSecOps, Application Portfolio Management, Agile development, and mobile services. Our commitment is to support our teammates in executing complex IT contracts with expertise and precision.