Agile Defense · 2 days ago
Cyber Security Incident Response Analyst – Intermediate
Fort Huachuca, AZ
Full-time
Onsite
Entry, Mid Level
2+ years expAgile Defense is a company focused on bringing adaptive innovation to support national missions through advanced technologies. They are seeking a skilled Incident Handler to manage the lifecycle of cybersecurity incidents, analyze logs, and refine incident response procedures in a 24x7 security operations environment.
Information ServicesInformation TechnologySoftware
No H1B
Security Clearance RequiredU.S. Citizen Only
Responsibilities
Incident Lifecycle Management: Independently manage the full lifecycle of low to medium-severity security incidents, beginning with the continuous monitoring and triage of alerts from SIEM and EDR tools, and proceeding through containment, eradication, and recovery
Log and Endpoint Analysis: Conduct detailed analysis of logs from various sources, including network devices, servers, and applications, as well as endpoint data from EDR platforms to investigate security events
Containment and Remediation: Utilize security tools to contain active threats, such as isolating endpoints or blocking malicious IP addresses. Execute and verify remediation steps to resolve the incident
Playbook Execution and Refinement: Execute complex incident response playbooks and provide constructive feedback to senior handlers for the refinement and improvement of current procedures
Reporting: Create clear and comprehensive incident reports detailing the timeline of events, investigative steps, root cause analysis, and actions taken to resolve the incident
Qualification
Required
Minimum of 2-5 years of experience in a dedicated incident response, security operations center (SOC), or closely related cybersecurity role
A bachelor's degree in cyber security or related field can replace experience requirements
Strong understanding of the incident response lifecycle (e.g., NIST framework), common attack vectors, and foundational network and endpoint forensics
Hands-on experience investigating and responding to threats using Security Information and Event Management (SIEM) and Endpoint Detection and Response (EDR) platforms
Proven analytical and problem-solving abilities, with a capacity to work independently on incidents of varying complexity
Excellent communication skills, with demonstrated ability to write clear, concise incident reports and collaborate effectively with other technical teams
Proven ability to work in a fast-paced 24x7 security operations environment, effectively managing and prioritizing multiple incidents
Must be able to obtain and maintain a Secret security clearance
Candidates must possess one of the following certifications prior to start date: CompTia Security+, Certified Ethical Hacker (CEH), CYSA+
Preferred
Familiarity with U.S. military policies, procedures, and organizational structures
Foundational understanding of cybersecurity controls and the importance of adhering to security policies in a professional environment
Basic experience reviewing network activity logs and an understanding of common network protocols (e.g., DNS, HTTP, SMB)
Familiarity with reviewing security events from standard endpoint platforms (e.g., antivirus, host firewalls)
Exposure to or academic experience with some of the following tools: A SIEM platform (e.g., Splunk, Kibana, Sentinel), MDE EDR platform and or KQL, ServiceNow or another ticketing system, Linux Command Line
Company
Agile Defense
Agile Defense is an information technology company located in Reston. It is a sub-organization of Agile-BOT.
1001-5000 employees
Funding
Current Stage
Late StageTotal Funding
unknown2022-11-16Acquired
Leadership Team
Rick Wagner
Chief Executive Officer
B
Bill Luebke
Chief Financial Officer
Recent News
2025-12-18
Company data provided by crunchbase