CIRT Tier 1 Analyst / Active Secret

Peraton

$80K — $128K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree with 2 years of experience, or High School diploma with 6 years of experience.
  • Possession or ability to obtain one cybersecurity certification (CCNA-Security, CySA+, etc.) before start date.
  • Understanding of ticketing systems like ServiceNow or Remedy.
  • Familiarity with computer networking protocols and cybersecurity principles.
  • Experience with incident response practices and documentation.
  • Proven critical thinking skills and decision-making abilities.
  • U.S. Citizenship and active Secret security clearance required.

Responsibilities

  • Detect, classify, and report on cybersecurity events and incidents.
  • Perform triage of alerts in a continuous response environment.
  • Monitor the CIRT hotline and related communication channels.
  • Initiate workflows based on established SOPs and create incident tickets.
  • Triage alerts from Splunk ES and Microsoft Defender for Endpoint.
  • Identify and manage phishing threats and malware behavior.
  • Coordinate with teams to analyze and respond to cybersecurity incidents.

Benefits

  • Work in a federal cybersecurity environment focusing on national security.
  • Opportunity to collaborate with various teams and agencies, including CISA.
  • Structured shift hours (0600 – 1400 EST, SUN-THU) or standard work weeks for better work-life balance.
Full Job Description
Responsibilities

Peraton is seeking an experienced CIRT Tier 1 Analyst to join Peratons' Federal Strategic Cyber Mission program.

 

Location: Beltsville, MD and Rosslyn, VA 

 

Work Hours: 0600 – 1400 EST, SUN-THU 

 

In this role, you will:

  • Detect, classify, process, track, and report on cyber security events and incidents. 
  • Perform triage of incoming alerts and requests in a 24x7x365 environment.
  • Monitor and triage the CIRT hotline, email inboxes, and fax.
  • Create tickets and initiate workflows as instructed in SOPs.
  • Triage Splunk Enterprise Security (ES) Alerts and Microsoft Defender for Endpoint (MDE) Alerts.
  • Identify and triage benign, spam, exercise, and malicious phishing email.
  • Perform binary artifact triage to understand malware behavior.
  • Coordinate and collaborate with Department teams as needed to analyze and respond to events and incidents.
  • Report incident information to the Cybersecurity and Infrastructure Security Agency (CISA).
  • Collaborate with other local, national and international CIRTs as directed.
  • Deliver and oversee remediation activities.
  • Conduct shift change briefs.

 

Qualifications

Required:

  • Bachelor's degree and at least 2 years of experience or a High School diploma and 6 years of experience.
  • Must possess or be able to obtain at least one of the following certifications before start date. Continued certification required as a condition of employment:
    • CCNA-SecurityCNDCySA+ GICSPGSECSecurity+ CESSCP
  • Knowledge of ticketing systems (i.e. ServiceNow, Remedy). 
  • Knowledge of computer networking protocols and principles.
  • Knowledge of cybersecurity principles, practices, threats, and vulnerabilities.
  • Knowledge of incident response principles and practices.
  • Skill in critical thinking by evaluating information and making independent decisions.
  • Demonstrated ability to work autonomously while taking initiative on assigned responsibilities. 
  • Ability to follow established procedures and written guidance with precision and attention to detail.
  • Skill in taking ownership of problems and seeing them through to completion.
  • U.S. Citizenship required.
  • Active Secret security clearance. 

 

Preferred Qualifications 

  • Experience with Splunk for security monitoring and alert triage. 
  • Knowledge of Microsoft Defender for Endpoint for security monitoring and response. 
  • Experience with ServiceNow for ticketing and workflow management. 
  • Knowledge of cloud security monitoring fundamentals. 
  • Experience with email security and phishing analysis. 
  • Knowledge of the MITRE ATT&CK framework.
  • Familiarity with PowerShell and basic scripting concepts.

 

Target Salary Range$80,000 - $128,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual’s experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.

Similar Jobs

More Jobs at Peraton

More Information Technology Jobs

Find similar CIRT Tier 1 Analyst / Active Secret jobs: