Tyto Athene, LLC
Incident Detection Analyst
Tyto Athene is seeking an
Incident Detection Analyst
to support our customer in Washington, DC.
Hours of Operation/Shift
Monday-Friday, 3:00 PM EST to 11:30 PM EST
Responsibilities
Review, annotate, and resolve security incidents as directed by the Intrusion Detection Team, Watch Officer, SOC management, or other SOC teams, 24/7, with schedule adjustments based on AOUSC needs.
Conduct incident triage to prioritize security incidents, identify relevant data sources, and perform immediate threat evaluation and containment following SOC protocols.
Perform deep dive analysis of malicious links and files, utilizing manual and automated methods.
Optimize configuration and tuning of SOC security tools to reduce false alerts.
Provide executive summaries, briefing slides, and metric reports for SOC management and leadership.
Communicate event notifications clearly, providing sufficient detail for system or network administrators to act.
Support local incident responders, providing guidance, notifications, and end-to-end incident response support.
Document all incident communications and actions in the SOC ticketing system, ensuring timely updates and artifact inclusion.
Support the Judiciary Special Tactics and Active Response (JSTAR) team during critical incidents.
Escalate events and non-responsiveness issues following JSOCIRP procedures, tracking all notifications in the ticketing system.
Review and update the Incident Handlers Guide and contribute recommendations for SOP and operational guide updates.
Perform tasks aligned with the NIST NICE Cybersecurity Workforce Framework for Incident Responder roles.
Minimum Requirements
6+ years of security intrusion detection experience with diverse security technologies and data sources.
Excellent oral and written communication skills.
Experience with Splunk SIEM.
At least three years of senior-level experience analyzing logs, creating advanced queries in Splunk, or similar skills.
Education/Certifications
Bachelor’s degree in Information Systems, Computer Science, or related field preferred.
Splunk Fundamentals I & II certifications.
Clearance
Public Trust clearance required.
Compensation & Benefits
Compensation varies based on skills and experience; no fixed salary guarantee.
Benefits include health/dental/vision, 401(k) match, flexible time off, insurance options, referral bonuses, professional development, and parental leave.
Tyto Athene is a leader in IT services, supporting defense, intelligence, space, and other federal agencies with over 50 years of experience. We foster a collaborative and innovative environment where every team member contributes to technological advancement. Join #TeamTyto to make an impact.
We are an Equal Opportunity Employer, committed to diversity and inclusion in the workplace.
Additional Details
Seniority level: Mid-Senior
Employment type: Full-time
Industries: IT Services and Consulting