Incident Response Analyst

Parsons Commercial Technology Group Inc. McLean, VA

As part of Parsons Government Solutions, Cyber Assurance Group (CAG), the incumbent will provide support to ongoing operations in the areas of incident response and investigation, full-spectrum digital forensics, and applied research in emerging areas of Intrusion Detection/Prevention, Insider Threat, and Cloud Converged Security. At times, this position will require the team member to develop and deliver training modules related to the aforementioned domains.

Position Description:

* Collects and analyzes cyber event information and performs threat or target analysis duties.

* Provides operations for persistent monitoring on a 24/7 basis of all designated networks, enclaves, and systems. Interprets, analyzes, and reports all events and anomalies in accordance with computer network directives, including initiating, responding to, and reporting discovered events.

* Provides oversight of incident data flow and response, content, and remediation, and partners with other incident response centers in maintaining an understanding of threats, vulnerabilities, and exploits that could impact networks and assets.

* Performs real-time proactive security monitoring and reporting on various security enforcement systems, such as SIEM, anti-virus, internet content filtering/reporting, malcode prevention, firewalls, IDS & IPS, Web security, anti-spam, etc.

* Performs the role of incident coordinator for all IT security events requiring focused response, containment, investigation, and remediation.

* Manages and executes first-level responses and addresses reported or detected incidents.

* Reports to and coordinates with external organizations and authorities.

* Coordinates and distributes directives and vulnerability and threat advisories to identified consumers.

* Provides daily summary reports of network events and activities and delivers metric reports.


* Bachelor's Degree with a minimum of 5+ years related technical experience required for the level 3 role.

* Bachelor's Degree with a minimum of 9+ years related technical experience required for the level 4 role.

* Experience working in cyber incident management.

* Threat/network defense and troubleshooting experience required.

Applicants selected for employment will be subject to a federal background investigation and must meet additional eligibility requirements for access to classified information or materials.