Note: The job is a remote job and is open to candidates in USA. Tetrad Digital Integrity (TDI) is a cybersecurity firm built for high-consequence environments. The Senior Incident Response Analyst will monitor, detect, investigate, and respond to cybersecurity threats while supporting coordinated incident response across multiple organizations.
Responsibilities
- Lead and coordinate cyber incident response activities across the full Incident Response lifecycle, including investigation, containment, eradication, and recovery
- Analyze security events, logs, network traffic, endpoint telemetry, and forensic artifacts to determine the scope, root cause, and impact of cyber incidents
- Identify adversary tactics, techniques, and procedures (TTPs) and develop indicators of compromise (IOCs) to improve threat detection and response
- Develop, maintain, and enhance Incident Response processes, playbooks, workflows, and standard operating procedures (SOPs)
- Configure, tune, and optimize security technologies, including SIEM, EDR, IDS/IPS, and related monitoring tools, to improve detection accuracy and reduce false positives
- Create and maintain detection content, including correlation rules, use cases, signatures, alerts, and automation scripts to strengthen SOC monitoring capabilities
- Document investigations, response activities, and findings within case management systems, producing clear incident reports and after-action documentation
- Establish and track SOC performance metrics and key performance indicators (KPIs) to measure operational effectiveness and support continuous improvement
Skills
- Ability to obtain Public Trust clearance and successfully complete the EOD process
- Candidates must possess at least one of the following certifications: GIAC: GCIH, GCIA, GCFA, GCFE, GREM, or GPEN, CISSP, OSCP, OSCE, or OSWP
- Bachelor's degree in Computer Science, Engineering, Information Technology, Cybersecurity, or a related field and 12–15 years of relevant experience
- Must have technical hands-on experience in the areas of incident detection and response, malware analysis, or computer forensics
- Expertise with Windows and Linux operating systems, enterprise networking, common protocols, and security infrastructure (firewalls, proxies, VPNs, load balancers)
- Demonstrated experience investigating cyber incidents, performing root cause analysis, identifying attacker TTPs, and leveraging frameworks such as MITRE ATT&CK and the Cyber Kill Chain
- Proficiency in Python, PowerShell, Bash, or similar scripting languages to support security automation and incident response
- Experience in cyber government, and/or federal law enforcement FISMA systems
Company Overview