Peraton

Incident Handler/Response Analyst

Peraton, Chicago, Illinois, United States, 60290


About Peraton

Peraton is a next-generation national security company that drives missions of consequence spanning the globe. As the world's leading mission capability integrator and transformative IT provider, we deliver solutions to protect our nation and allies. Peraton operates across land, sea, space, air, and cyberspace, supporting government agencies and the U.S. armed forces. Visit peraton.com to learn more.

Overview

Secure Division Support. The GCC provides CSSP responsibilities and conducts DODIN Operations and DCO - Internal Defensive Measures (IDM) to protect the DODIN IAW the DoDM 8530.01 and the DoD Cybersecurity Services Evaluator Scoring Metrics (ESM). The division supports CSSP services for the protection, monitoring, analysis, detection, and response to unauthorized activity within the DoD Information Systems and Networks, on both unclassified and classified networks/assets.

Responsibilities

Cyber Defense Operations (CDO) Support: work directly with GCC Operations personnel to conduct initial triage and cyber incident analysis, review correlated events, logs, and SIEM data, and recommend/take immediate DCO-IDM actions. Maintain on-call capability to respond to cyber incidents per policy and government direction.

Incident Analysis and Mitigation: conduct incident analysis and mitigation for threats such as APTs, attempted exploits/attacks, and malware on Army networks. Provide: (a) blocking/denying access to hostile sites or restricting ports/protocols/applications; (b) mitigation recommendations to supporting operations; (c) IDM justification to CCB/AOs as required; (d) potential coordination with NDA/NAVs/CDAP missions.

Sensor and Event Monitoring: monitor sensors/agents managed by GCC; maintain/update triage databases with current threat data and response methods; respond to detected events and ensure proper ticket handling and follow-up within 72 hours as needed.

Reporting and Coordination: provide initial cyber incident reports to LE/CI agencies; maintain POC lists for LE/CI; provide data and analysis in response to official requests; maintain a Master Station Log (MSL) for high-visibility incidents with status updates and inter-shift communication.

Documentation and Guidance: develop reports and products to support CSSP and course of action development; prepare TTPs, SOPs, EXSUMS, trip reports, and information/point papers; assist in creating agreements, policy, and guidance such as MOUs/SLAs.

Qualifications

Basic qualifications: 2 years with BS/BA; 0 years with MS/MA; 6 years with no degree.

Certifications: CAP or qualified per DCWF requirements (listed in the job); examples include CISM, CISSP, GCIS, GIAC family (GCIH, GCIA, GCSA, GICSP, GSLC, etc.), CCSP/CEH/CHOPs/GCED, GIAC, and related Federal IT security credentials.

Experience collecting and analyzing event information and performing threat or target analyses.

Experience supporting operations for persistent 24/7 monitoring of networks, enclaves, and systems.

Demonstrated competence in managing first-level responses and addressing incidents.

Comfort coordinating with external organizations and authorities.

Background coordinating and distributing threat advisories and directives.

U.S. citizenship required; active Top Secret clearance.

Ability to work shift hours.

EEO

Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.

Job Details

Employment type: Full-time

Location: Fort Huachuca, AZ

Target Salary Range: $66,000 - $106,000. Salary is determined by factors including experience, education, location, and contract considerations. Overtime, shift differential, and discretionary bonuses may apply.
