×
Register Here to Apply for Jobs or Post Jobs. X

Cybersecurity Incident Handler

Job in Amarillo, Potter County, Texas, 79161, USA
Listing for: Pantex Plant
Full Time position
Listed on 2026-07-06
Job specializations:
  • IT/Tech
    Cybersecurity, Network Security, Security Management & Operations
Salary/Wage Range or Industry Benchmark: 80000 - 100000 USD Yearly USD 80000.00 100000.00 YEAR
Job Description & How to Apply Below

Overview

Location: Amarillo, TX - Pantex Plant

Job Title: Cybersecurity Incident Handler

Career Level From: Associate

Career Level To: Senior Associate

Organization: Cyber Operations )

Job Specialty: Cyber Security

What You'll Do

We are seeking a highly skilled and motivated Cybersecurity Incident Handler with a specialized focus on Incident Coordination, Analysis, Threat Containment, and Response
. In this critical role, you will be the cornerstone for actively monitoring, detecting, and responding to security events that threaten our enterprise. We are looking for a dedicated analyst with a solid foundational understanding of security operations, capable of analyzing escalated security events, conducting deep-dive investigations, and executing initial containment activities. You will play an instrumental role in defending our hybrid (on-premises and cloud) environments from a rapidly changing threat landscape.

Your

Core Responsibilities
  • Advanced Incident Handling & Response:
    Serve as the primary driver for investigating escalated security incidents. Conduct deep-dive root-cause analysis of complex security events to determine the path, scope, and impact of potential compromises.
  • Incident-Driven Splunk Querying & Correlation:
    Utilize Splunk as an investigative powerhouse during active incidents. Develop target-focused Splunk queries (SPL) and search parameters to correlate logs, map threat actor activities, and trace attack paths.
  • Hybrid Environment Incident Investigation:
    Investigate security events and anomalous behaviors across a complex, hybrid infrastructure, including on-premises Active Directory, system endpoints, and cloud-native environments (such as Microsoft Azure/M365 and Amazon Web Services (AWS)).
  • Network Artifact & Traffic Analysis:
    Apply a strong understanding of network security principles and core networking protocols (TCP/IP, DNS, HTTP/S, SMTP) to analyze network packet captures, firewall logs, and security appliance detections during incident investigations.
  • Endpoint & Email Threat Remediation:
    Review endpoint telemetry from Endpoint Detection and Response (EDR) solutions and analyze email security logs (such as email gateways) to contain and remediate active threats like malware, ransomware, and phishing campaigns.
  • Playbook Execution & Containment Actions:
    Execute established incident response playbooks to contain active threats, limit damage, and coordinate remediation efforts. Collaborate with senior systems engineers, network administrators, and infrastructure teams to ensure complete threat eradication.
Who You Are
  • An End-to-End Incident Handler:
    You don’t just close isolated alerts; you have lived through the entire lifecycle of real-world attacks. You understand how threat actors think and operate, tracking them from the initial point of entry all the way through lateral movement to final eradication.
  • A Dedicated Incident Investigator:
    You excel at digging into logs, connecting disparate data points, and identifying the root cause of complex security incidents.
  • A Collaborative Security Partner:
    You’re a strong team contributor who enjoys collaborating with security engineering, systems administration, and desktop support teams to resolve active incidents.
  • A Proactive Problem Solver:
    You possess an exceptional ability to anticipate potential security challenges within systems and networks, actively identifying logging gaps and suggesting detection rule optimizations.
  • An Efficient Communicator:
    You can clearly document incident timelines and explain technical security events to both technical peers and non-technical stakeholders.
Preferred Skills And Expertise
  • Proven experience tracking and investigating security incidents through the entire attack lifecycle (e.g., Cyber Kill Chain, MITRE ATT&CK) from initial delivery and execution, through lateral movement, action on objectives, containment, and eradication.
  • Hands-on experience writing queries and analyzing data in Splunk (or other major enterprise SIEM platforms) to investigate incident-related data.
  • Demonstrated experience triaging, investigating, and containment-handling of escalated cybersecurity incidents.
  • Solid understanding of…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary