×
Register Here to Apply for Jobs or Post Jobs. X
More jobs:

Security Analyst​/Incident Responder

Job in Alexandria, Fairfax County, Virginia, 22350, USA
Listing for: Nava
Full Time position
Listed on 2026-07-13
Job specializations:
  • IT/Tech
    Cybersecurity
Salary/Wage Range or Industry Benchmark: 95000 - 140000 USD Yearly USD 95000.00 140000.00 YEAR
Job Description & How to Apply Below

Be Challenged and Make a Difference

In a world of technology, people make the difference. We believe if we invest in great people, then great things will happen. At Ana Vation, we provide unmatched value to our customers and employees through innovative solutions and an engaging culture.

Description of Task to be Performed

Ana Vation is looking for a Security Analyst (Incident Responder) to assist the client leadership with vulnerability management and incident response activities. The ideal candidate will be comfortable engaging with client leadership on a regular basis and interacting with senior level team members.

Responsibilities
  • Lead and manage Incident Response (IR) activities to include triage, investigating, interviewing, resolving, and reporting on events. Creating, updating, and/or revising the IR Playbook and IR Plan.
  • Monitor, maintain and administer policies and rules within EDR and SIEM tools (e.g., Crowdstrike, Splunk).
  • Support and develop reports during and after incidents, which include all actions taken to properly mitigate, recover and return operations to normal operations.
  • Develop and implement defensive cyber best practice tactics, techniques, and procedures.
  • Maintain Incident Ticketing tracking system and related tickets within Remedy or other tracking tools.
  • Monitor and take action within multiple tools providing security functions such as vulnerability management(e.g., Nessus), configuration management (e.g., Tenable Security Center, IBM Big Fix, SCCM), endpoint protection (e.g., antivirus, ATP), intrusion detection software and hardware.
  • Manage and perform Splunk queries to examine and query log data from the Enterprise Logging as a Service system and perform log analysis.
  • Ensure system and application logs are being sent to enterprise SIEM tool for log monitoring.
  • Conduct and manage vulnerability scans using Tenable SC and/or Qualys.
  • Analyze scan results, prioritize findings by risk and impact, coordinate with responsible parties for remediation and validate false positives.
  • Interacting with GRC tool (e.g., CSAM) to perform daily/weekly vulnerability analysis.
  • Creating and compiling weekly security metrics into dashboards and charts.
  • Presenting vulnerability analysis to system admins, system owners, and leadership.
  • Flexible with other security related tasks as needed by the customer.

This position is hybrid, with the potential for periodic onsite attendance at our customer location in Alexandria, VA.

Applicants who do not currently reside within commuting distance should describe how they would satisfy this requirement. Remote status is subject to change at the customer’s direction.

This position requires a Public Trust

Required Qualifications
  • Bachelor's degree in a related field or equivalent demonstrated experience and knowledge.
  • 6 years’ experience as a Security Administrator or equivalent knowledge.
  • Hands‑on experience conducting incident response activities and vulnerability analysis of various systems, applications, security tools, databases, and networks logs.
  • Performing vulnerability scans with tools such as Tenable or Qualys.
  • Experience with Crowdstrike, TenableSC, Splunk. (Experience with comparable tools may be considered).
  • Experience with NIST SP 800-61 rev2 Computer Security Incident Handling Guide.
  • Excellent oral and written communication skills.
  • Familiarity with multi‑tiered network applications, common ports and protocols used in those communications, the Common Vulnerability System (CVS) and the exploitation mechanisms of common vulnerability types (e.g., buffer overflows, cross‑site‑scripting, SQL injection).
  • Ability to perform online research and comprehend attack signatures while comparing them to network traffic to perform proper analysis of detections.
  • Ability to use common tools such as Wireshark to examine network traffic.
  • Certifications:

    Security+ required.
Preferred Qualifications
  • Self‑Starter – ability to quickly become competent with new security‑related tools and processes.
  • Ability to conduct Deep Dive analysis to determine root cause assessment of various network scanning agents’ scanning or communication failures.
  • Ability to coordinate remediation strategies with…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary