Incident Response Analyst

Dunhill Professional Search Washington, DC

Dunhill Solutions is proud to be partnered with a cybersecurity-focused organization that supports both the government and commercial industries. They have consistently been voted among the top places to work in Virginia, foster a collaborative environment, and promote personal and professional growth for their employees.

Their 4 service lines (Cyber Defense, Cyber Offense, Information Security, and Security Engineering & Architecture) provide extensive opportunity for learning and expanding your skill set.

This organization is currently seeking an Incident Response Analyst in Washington, DC.

Job Responsibilities:

  • Implement and operate next generation security solutions for government clients
  • Perform hands-on evaluation, implementation, and operation of leading cyber defense tools and technologies, and apply defense-in-depth strategies in large and complex networks to rapidly identify vulnerabilities and threats, prioritize response actions, and develop effective countermeasures
  • Support the SOC Security Architect in delivery and deployment of enterprise security tools including Splunk and the Cisco Security suite
  • Perform incident response and create dashboards using Splunk for enterprise customers based on requirements
  • Must possess knowledge of security tools, including hands-on experience with Splunk or another commercial enterprise SIEM tool

Job Qualifications:

  • This position requires U.S. Citizenship due to Federal contractual obligations
  • 4 - 7 years of experience operating information security continuous monitoring or vulnerability analysis tools
  • 4 - 7 years of experience performing forensics of identified vulnerabilities, providing prescriptive remediation information to resolve them, and following through until each vulnerability is resolved
  • 4 - 7 years of experience with excellent troubleshooting skills: the ability to review an incident, provide a recommended action to fix the issue, and document the steps taken to achieve the resolution

Preferred Qualifications:

  • Bachelor's Degree in Computer Science or a related technical discipline
  • Industry security certifications such as CISSP, GCED/GCIH, CASP
  • Vendor certifications such as Splunk, Cisco

incident response, splunk, SIEM, SOC