Cyber Incident Response Analyst supporting 24/7 cybersecurity incident management and response operations for the client. Engaging in case management, triage, and operational coordination activities.
Responsibilities
Provide first-line support for incidents and technical issues reported by client’s staff and customers.
Categorize and escalate incidents according to severity and ensure compliance with Standard Operating Procedures (SOPs).
Escalate cases to specialized teams (e.g., Threat Hunting, Vulnerability Management) where applicable.
Serve as the point of contact to coordinate with regional teams, private-sector entities, and partners to ensure full incident lifecycle execution.
Track and verify the distribution and resolution of service requests, while certifying effective communication between stakeholders.
Maintain active oversight of shared mailboxes, incoming incident reports, and phone systems to ensure efficient case routing and response.
Perform correlation analysis across cyber, physical, and communication threats to enhance situational awareness.
Support senior leadership by contributing to daily, weekly, and monthly reports, outlining emerging threat patterns and operational metrics.
Deliver exceptional customer service and technical support to the client’s partners during incident responses.
Participate in shift synchronization meetings to ensure seamless 24/7 Operations Center transitions.
Other duties as assigned.
Requirements
Bachelor’s degree in a related discipline such as Homeland Security or Business, or a combination of education, technical training and equivalent experience.
CompTIA Security+ CE Certification: Demonstrates foundational knowledge in cybersecurity principles, risk management, and network security.
ITIL v4/v5 Certification: Proficient in IT service management best practices, including service lifecycle, continual improvement, and aligning IT services with business needs.
Demonstrated experience in delivering high-quality customer service, with a strong understanding of support workflows and client engagement best practices.
An additional two (2) years of experience may be substituted with an Associate’s degree.
An additional four (4) years of military and/or operations environment experience may be substituted with a high school diploma.
Must have between zero (0) and two (2) years of related experience.
Some travel may be required to Continuity of Operations sites.
Due to the nature of work at the client’s facility, U.S. citizenship is required.
Must possess a Top Secret/SCI security clearance and DHS Fitness.
Must be able to work varying shifts of 8-12 hours, depending on needs, to support 24/7/365 operations.
Must be able to pass a background check.
Benefits
Medical, Dental and Vision Insurance
Wellness Program
Flexible Spending Accounts (Healthcare, Dependent Care, Commuter)
Short-Term and Long-Term Disability options
Basic Life and AD&D Insurance (Company Provided)
Voluntary Life and AD&D options
401(k) Retirement Savings Plan with matching after one year
Engineer II in Cyber Incident Response responsible for detecting and responding to cybersecurity incidents. Collaborating with global teams to minimize business impact and strengthen detection capabilities.
Senior Cyber Incident Response Analyst managing cybersecurity incidents for clients. Focused on proactive threat hunting, incident response, and digital forensics in a hybrid environment.
Incident Response expert managing IT security incidents across teams in a global retail company. Focusing on advanced incident response and continual improvement in a dynamic work environment.
Digital Forensics & Incident Response Analyst providing real-time threat analysis and mitigation at Cayuse. Engaging in cybersecurity initiatives while leveraging extensive forensics experience.
Incident Response Analyst managing complex security incidents and leading response teams at Vanguard. Develop and implement incident action plans for security breaches and vulnerabilities.
Senior Manager for the Security Operations Center at Cencora, leading incident response operations and team management in Texas. Collaborating with global teams for security incident remediation.
Incident Manager coordinating incident resolution and change management processes at SONDA. Responsible for major incident management and supporting effective change processes.
Cyber Incident Response Director at PwC resolving complex cyber security incidents and improving strategies. Leading Crisis Management engagements and collaborating with national cybersecurity bodies.
Sr Sourcing Air Analyst at Despegar leading the expansion of airline partnerships in Mexico City. Collaborating on growth strategies and negotiating marketing agreements with airlines.
Incident Manager receiving and registering incidents through various channels at SONDA. Collaborating with resolver groups to ensure timely solutions in Bogotá.