Cyber Security Incident Response Analyst – Intermediate

At Agile Defense we know that action defines the outcome and new challenges require new solutions. That’s why we always look to the future and embrace change with an unmovable spirit and the courage to build for what comes next.

Our vision is to bring adaptive innovation to support our nation's most important missions through the seamless integration of advanced technologies, elite minds, and unparalleled agility—leveraging a foundation of speed, flexibility, and ingenuity to strengthen and protect our nation’s vital interests.

• Comp Tia Security+
• Certified Ethical Hacker (CEH)
• CYSA+

We are looking for a skilled and proactive Incident Handler to join our 24x7 security operations team. The ideal candidate will be instrumental in protecting our organization by independently identifying, analyzing, and responding to cybersecurity incidents. This role requires a strong background in cyber security, 2-4 years of hands‑on experience with incident response methodologies, and proficiency with tools like SIEM and EDR.

You will manage the full lifecycle of security incidents, from detection to resolution, and contribute to the refinement of our defensive playbooks. Experience with Enterprise, Military or Department of War (DOW) operational environment is strongly desired.

• Incident Lifecycle Management:
  Independently manage the full lifecycle of low to medium‑severity security incidents, beginning with the continuous monitoring and triage of alerts from SIEM and EDR tools, and proceeding through containment, eradication, and recovery.
• Log and Endpoint Analysis:
  Conduct detailed analysis of logs from various sources, including network devices, servers, and applications, as well as endpoint data from EDR platforms to investigate security events.
• Containment and Remediation:
  Utilize security tools to contain active threats, such as isolating endpoints or blocking malicious IP addresses. Execute and verify remediation steps to resolve the incident.
• Playbook Execution and Refinement:
  Execute complex incident response playbooks and provide constructive feedback to senior handlers for the refinement and improvement of current procedures.
• Reporting:
  Create clear and comprehensive incident reports detailing the timeline of events, investigative steps, root cause analysis, and actions taken to resolve the incident.

• Experience:
  
  Minimum of 2-5 years of experience in a dedicated incident response, security operations center (SOC), or closely related cybersecurity role.
• A bachelor’s degree in cyber security or related field can replace experience requirements.
• Core Knowledge:
  Strong understanding of the incident response lifecycle (e.g., NIST framework), common attack vectors, and foundational network and endpoint forensics.
• Tool
  
  Experience:
  
  Hands‑on experience investigating and responding to threats using Security Information and Event Management (SIEM) and Endpoint Detection and Response (EDR) platforms.
• Skills:
  
  Proven analytical and problem‑solving abilities, with a capacity to work independently on incidents of varying complexity.
• Communication:
  Excellent communication skills, with demonstrated ability to write clear, concise incident reports and collaborate effectively with other technical teams.
• Environment:
  Proven ability to work in a fast‑paced 24x7 security operations environment, effectively managing and prioritizing multiple incidents.
• Clearance:
  Must be able to obtain and maintain a Secret security clearance.

• Military/DoD
  
  Experience:
  
  Familiarity with U.S. military policies, procedures, and organizational structures.
• Cyber Security Controls:
  Foundational understanding of cybersecurity controls and the importance of adhering to security policies in a professional environment.
• Network Analysis:
  Basic experience reviewing network activity logs and an understanding of common network protocols (e.g., DNS, HTTP, SMB).
• Endpoint Security:
  Familiarity with reviewing security events from standard…