What is the salary for this Cyber Security Incident Response Analyst – Intermediate role?

Salary information is not publicly listed for this position. Apply directly to discuss compensation with Agile Defense.

What is Agile Defense?

Agile Defense is actively hiring for Security roles. Visit the company page to see all open positions and learn more about working at Agile Defense.

Cyber Security Incident Response Analyst – Intermediate

Agile Defense Fort Huachuca, AZ Today

security

At Agile Defense we know that action defines the outcome and new challenges require new solutions. That’s why we always look to the future and embrace change with an unmovable spirit and the courage to build for what comes next.

Our vision is to bring adaptive innovation to support our nation's most important missions through the seamless integration of advanced technologies, elite minds, and unparalleled agility—leveraging a foundation of speed, flexibility, and ingenuity to strengthen and protect our nation’s vital interests.

Requisition #: 1389

Job Tittle: Cyber Security Incident Response Analyst – Intermediate

Location: Ft. Huachuca, AZ

Clearance: Secret

Required Certifications

Candidates must possess one of the following certifications prior to start date:

· CompTia Security+, Certified Ethical Hacker (CEH), CYSA+

Summary

We are looking for a skilled and proactive Incident Handler to join our 24x7 security operations team. The ideal candidate will be instrumental in protecting our organization by independently identifying, analyzing, and responding to cybersecurity incidents. This role requires a strong background in cyber security, 2-4 years of hands-on experience with incident response methodologies, and proficiency with tools like SIEM and EDR. You will manage the full lifecycle of security incidents, from detection to resolution, and contribute to the refinement of our defensive playbooks. Experience with Enterprise, Military or Department of War (DOW) operational environment is strongly desired.

Key Responsibilities

The Incident Handler will perform essential functions including, but not limited to:

· Incident Lifecycle Management: Independently manage the full lifecycle of low to medium-severity security incidents, beginning with the continuous monitoring and triage of alerts from SIEM and EDR tools, and proceeding through containment, eradication, and recovery.

· Log and Endpoint Analysis: Conduct detailed analysis of logs from various sources, including network devices, servers, and applications, as well as endpoint data from EDR platforms to investigate security events.

· Containment and Remediation: Utilize security tools to contain active threats, such as isolating endpoints or blocking malicious IP addresses. Execute and verify remediation steps to resolve the incident.

· Playbook Execution and Refinement: Execute complex incident response playbooks and provide constructive feedback to senior handlers for the refinement and improvement of current procedures.

· Reporting: Create clear and comprehensive incident reports detailing the timeline of events, investigative steps, root cause analysis, and actions taken to resolve the incident.

Required Qualifications

· Experience: Minimum of 2-5 years of experience in a dedicated incident response, security operations center (SOC), or closely related cybersecurity role.

· A bachelor’s degree in cyber security or related field can replace experience requirements.

· Core Knowledge: Strong understanding of the incident response lifecycle (e.g., NIST framework), common attack vectors, and foundational network and endpoint forensics.

· Tool Experience: Hands-on experience investigating and responding to threats using Security Information and Event Management (SIEM) and Endpoint Detection and Response (EDR) platforms.

· Skills: Proven analytical and problem-solving abilities, with a capacity to work independently on incidents of varying complexity.

· Communication: Excellent communication skills, with demonstrated ability to write clear, concise incident reports and collaborate effectively with other technical teams.

· Environment: Proven ability to work in a fast-paced 24x7 security operations environment, effectively managing and prioritizing multiple incidents.

· Clearance: Must be able to obtain and maintain a Secret security clearance.

Required Certifications

Candidates must possess one of the following certifications prior to start date:

· CompTia Security+, Certified Ethical Hacker (CEH), CYSA+

Preferred Qualifications (A Strong Plus)

· Military/DoD Experience: Familiarity with U.S. military policies, procedures, and organizational structures.

· Cyber Security Controls: Foundational understanding of cybersecurity controls and the importance of adhering to security policies in a professional environment.

· Network Analysis: Basic experience reviewing network activity logs and an understanding of common network protocols (e.g., DNS, HTTP, SMB).

· Endpoint Security: Familiarity with reviewing security events from standard endpoint platforms (e.g., antivirus, host firewalls).

· Tool Familiarity: Exposure to or academic experience with some of the following tools:

· A SIEM platform (e.g., Splunk, Kibana, Sentinel)

· MDE EDR platform and or KQL

· ServiceNow or another ticketing system

· Linux Command Line

Employees of Agile Defense are our number one priority, and the importance we place on our culture here is fundamental. Our culture is alive and evolving, but it always stays true to its roots. Here, you are valued as a family member, and we believe that we can accomplish great things together. Agile Defense has been highly successful in the past few years due to our employees and the culture we create together.

What makes us Agile? We call it the 6Hs, the values that define our culture and guide everything we do. Together, these values infuse vibrancy, integrity, and a tireless work ethic into advancing the most important national security and critical civilian missions. It's how we show up every day. It's who we are.

We also believe in supporting our employees by offering a competitive and comprehensive benefits package. To explore the benefits we offer, please visit our website under the Careers section.

Happy - Be Infectious.

Happiness multiplies and creates a positive and connected environment where motivation and satisfaction have an outsized effect on everything we do.

Helpful - Be Supportive.

Being helpful is the foundation of teamwork, resulting in a supportive atmosphere where collaboration flourishes, and collective success is celebrated.

Honest - Be Trustworthy.

Honesty serves as our compass, ensuring transparent communication and ethical conduct, essential to who we are and the complex domains we support.

Humble - Be Grounded.

Success is not achieved alone, humility ensures a culture of mutual respect, encouraging open communication, and a willingness to learn from one another and take on any task.

Hungry - Be Eager.

Our hunger for excellence drives an insatiable appetite for innovation and continuous improvement, propelling us forward in the face of new and unprecedented challenges.

Hustle - Be Driven.

Hustle is reflected in our relentless work ethic, where we are each committed to going above and beyond to advance the mission and achieve success.

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities