Senior Incident Response Analyst
Tetrad Digital Integrity LLC
Arlington, United States of America
14 days ago
Role details
Contract type
Permanent contract Employment type
Full-time (> 32 hours) Working hours
Regular working hours Languages
English Experience level
SeniorJob location
Arlington, United States of America
Tech stack
Microsoft Windows
Proxy Servers
Bash
Computer Security
Computer Networks
Computer Forensics
Linux
Monitoring of Systems
Intrusion Detection and Prevention
Intrusion Detection Systems
Virtual Private Networks (VPN)
Python
Powershell
Security Information and Event Management
Scripting (Bash/Python/Go/Ruby)
Load Balancing
Mitre Att&ck
Malware
Cyber Threat Analysis
Firewalls (Computer Science)
Information Technology
Security Orchestration, Automation & Response
Job description
TDI is seeking a Senior Incident Response Analyst to join our team in support of a mission-critical government program. As part of the Security Operations Center, you will help monitor, detect, investigate, and respond to cybersecurity threats affecting a large-scale enterprise environment while supporting coordinated incident response across multiple organizations. This position is hybrid with commute to the Arlington, VA area., * Lead and coordinate cyber incident response activities across the full Incident Response lifecycle, including investigation, containment, eradication, and recovery.
- Analyze security events, logs, network traffic, endpoint telemetry, and forensic artifacts to determine the scope, root cause, and impact of cyber incidents.
- Identify adversary tactics, techniques, and procedures (TTPs) and develop indicators of compromise (IOCs) to improve threat detection and response.
- Develop, maintain, and enhance Incident Response processes, playbooks, workflows, and standard operating procedures (SOPs).
- Configure, tune, and optimize security technologies, including SIEM, EDR, IDS/IPS, and related monitoring tools, to improve detection accuracy and reduce false positives.
- Create and maintain detection content, including correlation rules, use cases, signatures, alerts, and automation scripts to strengthen SOC monitoring capabilities.
- Document investigations, response activities, and findings within case management systems, producing clear incident reports and after-action documentation.
- Establish and track SOC performance metrics and key performance indicators (KPIs) to measure operational effectiveness and support continuous improvement.
Requirements
- Ability to obtain Public Trust clearance and successfully complete the EOD process.
- Candidates must possess at least one of the following certifications: GIAC: GCIH, GCIA, GCFA, GCFE, GREM, or GPEN, CISSP, OSCP, OSCE, or OSWP.
- Bachelor's degree in Computer Science, Engineering, Information Technology, Cybersecurity, or a related field and 12-15 years of relevant experience.
- Must have technical hands-on experience in the areas of incident detection and response, malware analysis, or computer forensics.
- Expertise with Windows and Linux operating systems, enterprise networking, common protocols, and security infrastructure (firewalls, proxies, VPNs, load balancers).
- Demonstrated experience investigating cyber incidents, performing root cause analysis, identifying attacker TTPs, and leveraging frameworks such as MITRE ATT&CK and the Cyber Kill Chain.
- Proficiency in Python, PowerShell, Bash, or similar scripting languages to support security automation and incident response., * Experience in cyber government, and/or federal law enforcement FISMA systems.
About the company
Tetrad Digital Integrity (TDI) is a cybersecurity firm built for high-consequence environments where mission, complexity, and trust intersect. Our single focus has been delivering cyber solutions to effectively manage risk & the business of cyber for 25 years!