What are the responsibilities and job description for the Cyber Incident Response Analyst position at SAIC?
Job ID: 2503825
Location: REMOTE WORK, AL, US
Date Posted: 2025-03-27
Category: Cyber
Subcategory: Cybersecurity Spec
Schedule: Full-time
Shift: Day Job
Travel: No
Minimum Clearance Required: Interim Secret
Clearance Level Must Be Able to Obtain: Secret
Potential for Remote Work: Yes
Description
SAIC is actively seeking a Cyber Incident Response Analyst to join the Cyber Incident Response Team (CIRT) in support of the United States Army Corps of Engineers (USACE) OCIO/G-6 Managed Security Services (MSS). This role ensures 24/7/365 cyber threat monitoring, incident response, and forensic investigations to protect USACE networks and systems from advanced cyber threats.
NOTE: This is a 100% fully remote position.
This position requires working rotating shifts, including nights, weekends, and holidays, as part of a 24/7/365 cyber operations environment.
As part of the CIRT, the Cyber Incident Response Analyst will:
- Monitor, analyze, and respond to cybersecurity incidents across USACE-supported networks, cloud environments, and classified systems.
- Utilize cybersecurity tools to detect, analyze, and correlate security events.
- Conduct real-time intrusion detection and prevention (IDS/IPS) monitoring, ensuring continuous protection against malware, denial-of-service (DoS) attacks, and unauthorized access.
- Identify, classify, and assess cyber incidents, determining the threat level, attack methodology, and root cause based on received alerts and forensic evidence.
- Conduct forensic investigations, including log analysis, host memory analysis, and evidence collection, ensuring compliance with CJCSM 6510.01B Cyber Incident Handling Program.
- Implement containment and eradication measures to mitigate cyber threats, preventing lateral movement and minimizing operational impact.
- Develop and maintain incident response playbooks based on the MITRE ATT&CK framework and USACE threat intelligence.
- Provide incident coordination and threat intelligence sharing with Army Cyber Command, USACE OCIO/G-6, DoD, and other Federal agencies.
- Generate After Action Reports (AARs), network damage assessments (AR 380-53), and lessons learned, supporting continuous security improvements.
- Assist with cyber risk mitigation, vulnerability scanning, and penetration testing to enhance defensive capabilities.
- Maintain compliance with DoD 8140.03, ensuring continuous training and certification requirements are met.
Qualifications
Required Education and Experience:
- Bachelor’s degree and two (2) years or more experience; additional four (4) years of experience accepted in lieu of degree
Required Skills:
- Experience working with DoD, USACE, or Federal cyber operations in an incident response role
- Hands-on experience with MITRE ATT&CK framework, DISA STIG compliance, and Army cybersecurity policies
- Familiarity with Risk Management Framework (RMF), NIST 800-53, and DoD 8500.01
REQUIRED CLEARANCE:
- Must be able to obtain a full Secret Clearance to maintain employment; Interim Secret required prior to start
REQUIRED CERTIFICATION:
Must hold at least one of the following CSSP-Incident Responder (IR) certifications:
- CEH – Certified Ethical Hacker
- CySA+ – Cybersecurity Analyst
- CFR – CyberSec First Responder
- CCNA Cyber Ops – Cisco Certified Network Associate Cyber Ops
- CCNA Security
- CHFI – Computer Hacking Forensic Investigator
- GCFA – GIAC Certified Forensic Analyst
- GCIH – GIAC Certified Incident Handler
- SCYBER
- PenTest+
Target salary range: $80,001 - $120,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.
Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.