Incident Response Analyst

ID: 2025-3165
Job Locations: US
Category: Information Technology
Type: Regular Full-Time

Overview

DecisionPoint seeks an Incident Response Analyst to support cybersecurity operations for a large federal and DoD-aligned mission environment. This role performs incident triage, evaluates alerts, assists with containment and eradication actions, and coordinates with stakeholders during cybersecurity events. The analyst will document incident timelines, produce response reports, and ensure incidents are handled in alignment with federal and DoD requirements. 

The Incident Response Analyst plays a critical role in protecting mission systems through rapid analysis, effective response coordination, and continuous improvement of incident-handling processes. 

This position is fully remote. 

Note: By applying to this position, you acknowledge and consent to having your resume included in an active competitive government contract bid. 

Duties & Responsibilities

The Incident Response Analyst will: 

  • Triage cybersecurity incidents by reviewing alerts, logs, and event details to determine severity and scope. 
  • Assist with containment, eradication, and recovery activities for confirmed security incidents. 
  • Coordinate notifications and communication with response teams, leadership, and stakeholders. 
  • Support digital forensics tasks such as log reviews, timeline reconstruction, and artifact analysis. 
  • Investigate anomalous activity, potential compromises, and threat indicators. 
  • Document incident details, actions taken, lessons learned, and recommendations for future mitigation. 
  • Contribute to incident reports, Situation Reports (SITREPs), and other required documentation. 
  • Maintain incident tracking records and ensure compliance with federal and DoD reporting timelines. 
  • Collaborate with SIEM analysts, vulnerability analysts, system engineers, and cybersecurity leadership. 
  • Participate in incident response exercises and readiness testing. 
  • Contribute to updates of incident response playbooks, runbooks, and standard operating procedures. 
  • Support continuous monitoring and provide input into improvements of detection and response capabilities. 

Qualifications

Clearance Requirement 

Must hold an active Top Secret clearance, supported by a Tier 5 background investigation.

Education (Required) 

Bachelor’s degree in Cybersecurity, Digital Forensics, Information Technology, or a related field.

Experience (Required) 

  • Minimum 6 years of experience in incident response, cybersecurity operations, or digital forensics. 
  • Experience performing triage, containment, and analysis during active cybersecurity incidents. 
  • Experience reviewing logs, alerts, and security telemetry to assess threat activity. 
  • Experience developing incident documentation, reports, or SITREPs. 
  • Experience coordinating with cross-functional cybersecurity or IT teams during response activities.

Technical Knowledge (Required) 

  • Strong understanding of incident response methodologies, threat behaviors, and attack lifecycles. 
  • Familiarity with SIEM tools, log analysis techniques, and evidence collection. 
  • Knowledge of DoD cybersecurity policies, continuous monitoring, and reporting requirements. 
  • Understanding of malware indicators, persistence mechanisms, and detection strategies. 

Technical Knowledge (Preferred) 

  • Experience with forensic tools, packet capture analysis, or endpoint detection platforms. 
  • Familiarity with MITRE ATT&CK, threat intelligence feeds, or correlation of indicators. 
  • Experience contributing to incident response playbooks or building automated workflows.

Certifications 

Required: 

  • Security+ 
  • CySA+ 

Preferred: 

  • Additional DoD 8570/8140 compliant cybersecurity certifications 
  • Digital forensics certifications (e.g., CHFI, GCFA, GCIA)

Skills 

  • Strong analytical abilities for investigating cybersecurity incidents in real time. 
  • Excellent written communication skills for producing detailed and accurate incident reports. 
  • Ability to coordinate with multiple teams and maintain composure during high-severity incidents. 
  • High attention to detail for documenting artifacts, timelines, and remediation steps. 
  • Ability to handle multiple ongoing investigations in a fast-paced, mission-critical environment. 

Our Equal Employment Opportunity Policy

  • EEO and Affirmative Action Policy: DecisionPoint Corporation is an Equal Employment Opportunity and Affirmative Action employer. It is the policy of DecisionPoint Corporation to provide equal employment opportunity in accordance with all applicable Equal Employment Opportunity/Affirmative Action laws, directives and regulations to all employees and qualified applicants without regard to race, ethnicity, color, religion, national origin, sex, age, disability status, pregnancy, sexual orientation, gender identity, genetic information, protected veteran status, or any other protected status under Federal, State or Local laws.
  • Pay Transparency Policy: In accordance with Presidential Executive Order 13665, DecisionPoint Corporation will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information.
  • Authorization to Share Resume and Personal Information: By expressing your interest and submitting your resume for this position, you authorize DecisionPoint Corporation to share your resume, as well as personal information included on the resume, with its subsidiaries, affiliates and teaming partners for the purpose of considering you for this position and other available positions requiring comparable skills, education and experience. Should DecisionPoint Corporation or its affiliates and teaming partners wish to initiate pre-employment discussions, you will be asked to complete an employment application and related employment documents.
