×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security Security Manager

Cybersecurity Ops Analyst Senior CIRT

Remote / Online - Candidates ideally in
Knoxville, Knox County, Tennessee, 37955, USA
Listing for: Saic
Remote/Work from Home position
Listed on 2026-06-11
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, Security Manager
Salary/Wage Range or Industry Benchmark: 60000 - 80000 USD Yearly USD 60000.00 80000.00 YEAR
Job Description & How to Apply Below

Description

SAIC has an opening for a Cybersecurity Ops Analyst Sr. This position is located in Oak Ridge, Tennessee; however, SAIC is open to remote work for qualified candidates.

This role is a senior analyst position on SAIC’s Cyber Incident Response Team within the Enterprise Security Operations Center. Reporting to the Manager of Defensive Cyber Operations, the Cybersecurity Ops Analyst Sr is responsible for supporting complex cybersecurity incident investigations, forensic log analysis, and response activities across the enterprise.

The senior analyst will investigate escalated security cases, analyze security telemetry, perform forensic review, coordinate response actions, and help ensure SAIC maintains a strong, repeatable, and technically mature incident response capability. This includes analysis across SIEM, EDR, endpoint telemetry, identity platforms, email security tools, network logs, cloud telemetry, and other enterprise security data sources.

This position requires the ability to work laterally across the ESOC and the broader cybersecurity organization to investigate incidents, validate findings, coordinate response actions, and improve operational readiness. The analyst will serve as an escalation point for high priority cases and will help translate technical investigation findings into clear operational recommendations.

In addition to incident response and forensic responsibilities, the analyst contributes to continuous improvement across the ESOC by supporting playbook development, purple team exercises, tabletop exercises, post incident reviews, documentation, process refinement, and knowledge sharing with other analysts. This role is expected to strengthen investigative consistency, improve response readiness, and help mature the organization’s defensive cyber operations capability.

The position will work a 4x10 schedule, 7:00 a.m. EST to 5:00 p.m. EST, Monday through Thursday, with the expectation to support 24/7/365 operations as required.

Job Duties
  • Take escalated cybersecurity cases and coordinate triage, investigation, containment, eradication, and recovery activities across affected systems, accounts, and environments.
  • Conduct incident investigations using forensic analysis, SIEM, EDR, endpoint, identity, email, network, cloud, and other enterprise security telemetry to determine scope, impact, root cause, and potential data exposure.
  • Coordinate approved remediation actions such as account disablement, session revocation, email purge, endpoint isolation, IP or URL blocking, access review, and other response actions needed to reduce risk and restore affected environments.
  • Develop clear investigative timelines, case narratives, evidence summaries, technical findings, and response documentation to support operational decision making and post incident review.
  • Work laterally across the ESOC and cybersecurity organization to validate findings, communicate risk, coordinate response activity, and support timely incident resolution.
  • Identify detection gaps, control weaknesses, forensic visibility gaps, response gaps, and process improvement opportunities based on incident findings, case reviews, purple team activity, and tabletop exercises.
  • Support purple team exercises by validating alerts, reviewing adversary emulation activity, identifying visibility gaps, and helping convert findings into improved monitoring, investigation, and response procedures.
  • Lead tabletop exercises to validate response processes, escalation paths, communication workflows, analyst readiness, and cross functional coordination.
  • Identify training gaps and provide training, mentoring, and knowledge sharing to junior team members to strengthen investigative quality, technical capability, and operational consistency across the ESOC.
  • Create, maintain, and improve incident response playbooks, forensic investigation guides, case templates, escalation procedures, and operational documentation.
  • Support threat hunting and proactive analysis efforts based on observed incidents, emerging threats, forensic findings, and enterprise risk priorities.
  • Contribute to ESOC continuous improvement initiatives, including AI and…
Position Requirements
10+ Years work experience
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search