Demo

Incident Response Analyst

Peraton
Peraton Salary
Fort Huachuca, AZ Full Time
POSTED ON 3/15/2025
AVAILABLE BEFORE 1/6/2026

Responsibilities

Secure Division Support. The GCC provides CSSP responsibilities and conducts DODIN Operations and DCO – Internal Defensive Measures (IDM) to protect the DODIN IAW the DoDM 8530.01 and the DoD Cybersecurity Services Evaluator Scoring Metrics (ESM). These responsibilities are broken into five (5) CSSP functions; Identify, Protect, Detect, Respond, and Recover. GCC is responsible to conduct these functions for its assigned portion of the DODIN for both unclassified and classified networks/ systems. The division provides support services for the protection, monitoring, analysis, detection, and response to unauthorized activity within the DoD Information Systems and Networks. DCO-IDM services are required to defend against unauthorized activity on all Army assets residing on the NIPRNet and SIPRNet. The division provides defensive measures to protect and defend information, computers, and networks from disruption, denial, degradation, or destruction. The division provides sensor management and event analysis and response for network and host-based events. For sensor management, the division provides management of in-line Network Intrusion Protection System/Network Intrusion Detection System (NIPS/NIDS) sensors monitoring all CONUS DoDIN-A NIPRNet and SIPRNet Enterprise traffic to detect sensor outages and activities that attempt to compromise the confidentiality, integrity, or availability of the network. In coordination with GCC Operations, DCO initiates defensive security procedures upon detection of these attacks. Event analysis and response includes the processes involved with reducing multiple cyber incidents to actual malicious threat determinations and mitigating those threats IAW guidance received from GCC Government leadership. Support the Government in providing services for CSSP services on both the NIPRNet and SIPRNet IAW Appendix E: Secure Division Workload Assessment in support of the CONUS portion of the DoDIN-A. Develop reports and products, both current and long-term, in support of CSSP and course of action development. Prepare Tactics, Techniques, and Procedures (TTP), SOPs, Executive Summary (EXSUMS), trip reports, and information/point papers. Contribute during the preparation of agreements, policy, and guidance documentation such as Memorandums of Understanding / Agreement (MOU/A), Service Level Agreements (SLA).• Response Analysis. Collaborate with the Government to develop, staff, coordinate and execute Cyber Incident Response investigations for the operational environment (unclassified and classified) per CSSP-D (and/or ARCYBER/Higher Headquarters) Government leadership guidance. Investigations shall address each pre-determined category of cyber incident (IAW CJCSM 6510.01B) detected (internally or externally reported); address priorities and types of internal defensive measures and potential mitigation strategies to be employed (acceptable level of risk); include applicable aspects of the most current Cybersecurity Services Evaluator Scoring Matrix.• Validate security event information for each cyber incident ticket which includes at a minimum event name, date, time, location, source IP address, destination IP address, source ports, and destination ports. • Contact the responsible organization if additional information is required.• Coordinate with the Government to identify and maintain visibility of all potential or confirmed cyber incidents and/or security issues IAW ARCYBER/Higher Headquarters’ policies and procedures. • Obtain and maintain access to Joint Worldwide Intelligence Communications System (JWICS) and services to conduct cyber threat analysis support.• Respond to ARCYBER/Higher Headquarters’ inquiries on cyber incident status or issues as appropriate or requested.• Conduct quality control of cyber incidents to maintain compliance with CJCSM 6510.01B. • Provide and coordinate cyber incident trend analysis to identify systemic or potential issues on reported and confirmed cyber incidents. • Provide and brief cyber incident details IAW policies and procedures.• Coordinate and synchronize Incident Handling (IH) actions or cyber incidents with LE/CI per TTP. • Acquire any necessary data to determine scope of reported cyber incidents and ensure all investigation reports are automatically forwarded to ticketing solution, as required, with the most current action visible to ARCYBER/Higher Headquarters’ Incident Handling Portal/ticketing solution.• Certifications: DCWF Code 511 Advanced: Cisco Certified CyberOps Associate or CompTIA Cybersecurity Analyst (CySA ) or CyberSec First Responder (CFR) or Federal IT Security Professional-Operator-NG (FITSP-O) or GIAC Certified Forensics Analyst (GCFA) or GIAC Certified Intrusion Analyst (GCIA) or GIAC Defensible Security Architecture (GDSA) or GIAC Global Industrial Cyber Security Professional (GICSP) or GIAC Security Essentials Certification (GSEC)

Qualifications

Basic Qualifications:

  • 5 years with BS/BA; 3 years with MS/MA; 0 years with PhD
  • Ability to develop, staff, coordinate and execute Cyber Incident Response investigations for the operational environment (unclassified and classified) per CSSP-D (and/or ARCYBER/Higher Headquarters) Government leadership guidance.
  • Certifications: DCWF Code 511 Advanced: Cisco Certified CyberOps Associate or CompTIA Cybersecurity Analyst (CySA ) or CyberSec First Responder (CFR) or Federal IT Security Professional-Operator-NG (FITSP-O) or GIAC Certified Forensics Analyst (GCFA) or GIAC Certified Intrusion Analyst (GCIA) or GIAC Defensible Security Architecture (GDSA) or GIAC Global Industrial Cyber Security Professional (GICSP) or GIAC Security Essentials Certification (GSEC)
  • U.S. citizenship
  • Must have an active Top Secret
  • Comfortable briefing senior leadership

Peraton Overview

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we’re keeping people around the world safe and secure.

Target Salary Range

$86,000 - $138,000. This represents the typical salary range for this position based on experience and other factors.

EEO

EEO: Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.

Salary : $86,000 - $138,000

If your compensation planning software is too rigid to deploy winning incentive strategies, it’s time to find an adaptable solution. Compensation Planning
Enhance your organization's compensation strategy with salary data sets that HR and team managers can use to pay your staff right. Surveys & Data Sets

What is the career path for a Incident Response Analyst?

Sign up to receive alerts about other jobs on the Incident Response Analyst career path by checking the boxes next to the positions that interest you.
Income Estimation: 
$87,466 - $114,731
Income Estimation: 
$114,790 - $146,930
Income Estimation: 
$115,647 - $153,495
Income Estimation: 
$144,787 - $181,934
Income Estimation: 
$176,609 - $225,542
Income Estimation: 
$92,662 - $117,866
Income Estimation: 
$112,753 - $144,134
Income Estimation: 
$112,753 - $144,134
Income Estimation: 
$144,787 - $181,934
View Core, Job Family, and Industry Job Skills and Competency Data for more than 15,000 Job Titles Skills Library

Job openings at Peraton

Peraton
Hired Organization Address Honolulu, HI Full Time
Responsibilities Peraton is seeking a Senior Business and Financial Operations Specialist (Exercise Planner) to support ...
Peraton
Hired Organization Address College Park, MD Full Time
Responsibilities Peraton Labs is seeking an experienced Senior Research Scientist to join our team supporting fully clea...
Peraton
Hired Organization Address Annapolis, MD Full Time
Responsibilities Peraton’s Cyber Mission in Annapolis Junction, MD supplies the Intel community with mission essential N...
Peraton
Hired Organization Address Annapolis, MD Full Time
Responsibilities Peraton is seeking a Software Engineer to support an IC mission in the Ft. Meade / Annapolis Junction, ...

Not the job you're looking for? Here are some other Incident Response Analyst jobs in the Fort Huachuca, AZ area that may be a better fit.

Incident Response Analyst

ATG, Fort Huachuca, AZ

AI Assistant is available now!

Feel free to start your new journey!