Piper Companies
Incident Response Analyst (Morning Shift)
Piper Companies, New Carrollton, Maryland, United States
Zachary Piper Solutions is seeking an Incident Response Analyst to join a high-impact cybersecurity team supporting the IRS Cyber Security Incident Response Center (CSIRC). This role offers a unique opportunity to work in a non-tiered SOC environment where analysts have full access to all systems and tools, enabling deep learning and hands-on experience across the entire incident response lifecycle.
This position will be onsite in New Carrollton, MD!
This will be a 6:00 am ET - 2:00 pm ET Shift!
Responsibilities of the Incident Response Analyst include:
• Analyze network log data using tools such as Splunk ES, FireEye, ZScaler, NetWitness, Wireshark, and Linux CLI
• Perform proactive threat intelligence analysis using OSINT tools and techniques
• Conduct incident response, signature tuning, and alert triage (AV/IDS/other)
• Investigate and document incidents, correlate logs across multiple systems, and identify adversary TTPs
• Develop alerting criteria and improve detection capabilities across Windows and Linux environments
• Collaborate on scripting, automation, content development, malware analysis, and IoC extraction
• Establish baselines for network traffic and data flow to identify anomalies
• Support customer communications, RFIs, and incident follow-ups
Qualifications for the Incident Response Analyst include:
• 2-6 years of cybersecurity experience in SOC/CIRT environments
• Strong incident handling and investigation skills; not screen watchers
• Experience with Splunk SPL (Search Processing Language) for querying and analysis
• Proficiency in packet capture (PCAP) analysis using tools like Wireshark
• Solid understanding of networking fundamentals (OSI model, TCP/IP, DNS, firewalls, etc.)
• Strong knowledge of Windows and Linux operating systems and kernel-level operations
• Ability to obtain IRS Public Trust clearance (MBI review required; can start after initial approval)
Highly Preferred Qualifications:
• Experience with attacker methodology, red teaming, or penetration testing
• Scripting experience (Python preferred) for automation and threat detection
• Experience correlating logs from multiple sources and developing detection rules
• SANS GIAC certifications (e.g., GCIH, GCIA, GPEN)
• Malware analysis and IoC extraction experience
• Passion for cybersecurity demonstrated through extracurriculars (CTFs, Hack The Box, cyber clubs, home labs)
Compensation for the Incident Response Analyst includes:
• Salary Range: $80,000 - $100,000; $40 - $50/hr *depending on experience*
• Full Benefits: Medical, Dental, Vision, 401k, Paid Time Off, and Federal Holidays
This job opens for applications on 8/7/2025. Applications will be accepted for at least 30 days from the posting date.
Keywords:
#LI-MM1 #LI-ONSITE
Incident Response Analyst, SOC Analyst, Cyber Threat Intelligence, Splunk SPL, Wireshark, PCAP Analysis, Linux CLI, OSINT, IDS/IPS, FireEye, ZScaler, NetWitness, Python Scripting, Malware Analysis, IoC Extraction, SANS GIAC, Red Team, Penetration Testing, Cybersecurity Jobs, IRS CSIRC, Network Security, Threat Hunting, Log Correlation, Cyber Defense, Public Trust Clearance