Government Careers
  • Senior Incident Response Analyst

  • Tetrad Digital Integrity
  • Arlington, Virginia 22201 United States View Map

Senior Incident Response Analyst

Tetrad Digital Integrity (TDI) is a cybersecurity firm built for high-consequence environments where mission, complexity, and trust intersect. Our single focus has been delivering cyber solutions to effectively manage risk & the business of cyber for 25 years! TDI is seeking a Senior Incident Response Analyst to join our team in support of a mission-critical government program. As part of the Security Operations Center, you will help monitor, detect, investigate, and respond to cybersecurity threats affecting a large-scale enterprise environment while supporting coordinated incident response across multiple organizations. This position is hybrid with commute to the Arlington, VA area.

Responsibilities:

  • Lead and coordinate cyber incident response activities across the full Incident Response lifecycle, including investigation, containment, eradication, and recovery.
  • Analyze security events, logs, network traffic, endpoint telemetry, and forensic artifacts to determine the scope, root cause, and impact of cyber incidents.
  • Identify adversary tactics, techniques, and procedures (TTPs) and develop indicators of compromise (IOCs) to improve threat detection and response.
  • Develop, maintain, and enhance Incident Response processes, playbooks, workflows, and standard operating procedures (SOPs).
  • Configure, tune, and optimize security technologies, including SIEM, EDR, IDS/IPS, and related monitoring tools, to improve detection accuracy and reduce false positives.
  • Create and maintain detection content, including correlation rules, use cases, signatures, alerts, and automation scripts to strengthen SOC monitoring capabilities.
  • Document investigations, response activities, and findings within case management systems, producing clear incident reports and after-action documentation.
  • Establish and track SOC performance metrics and key performance indicators (KPIs) to measure operational effectiveness and support continuous improvement.

Qualifications:

  • Ability to obtain Public Trust clearance and successfully complete the EOD process.
  • Candidates must possess at least one of the following certifications: GIAC: GCIH, GCIA, GCFA, GCFE, GREM, or GPEN, CISSP, OSCP, OSCE, or OSWP.
  • Bachelor's degree in Computer Science, Engineering, Information Technology, Cybersecurity, or a related field and 12–15 years of relevant experience.
  • Must have technical hands-on experience in the areas of incident detection and response, malware analysis, or computer forensics.
  • Expertise with Windows and Linux operating systems, enterprise networking, common protocols, and security infrastructure (firewalls, proxies, VPNs, load balancers).
  • Demonstrated experience investigating cyber incidents, performing root cause analysis, identifying attacker TTPs, and leveraging frameworks such as MITRE ATT&CK and the Cyber Kill Chain.
  • Proficiency in Python, PowerShell, Bash, or similar scripting languages to support security automation and incident response.

Preferred Qualifications:

  • Experience in cyber government, and/or federal law enforcement FISMA systems.

TDI does business with the federal government, which restricts employment to individuals who are either US citizens or lawful permanent residents of the United States.

"TDI is an Equal Opportunity Employer. Employment decisions are made based on individual qualifications, merit, and business needs. We do not discriminate in employment opportunities or practices based on race, color, religion, sex, or national origin, in accordance with applicable federal laws."

Senior Incident Response Analyst

Tetrad Digital Integrity (TDI) is a cybersecurity firm built for high-consequence environments where mission, complexity, and trust intersect. Our single focus has been delivering cyber solutions to effectively manage risk & the business of cyber for 25 years! TDI is seeking a Senior Incident Response Analyst to join our team in support of a mission-critical government program. As part of the Security Operations Center, you will help monitor, detect, investigate, and respond to cybersecurity threats affecting a large-scale enterprise environment while supporting coordinated incident response across multiple organizations. This position is hybrid with commute to the Arlington, VA area.

Responsibilities:

  • Lead and coordinate cyber incident response activities across the full Incident Response lifecycle, including investigation, containment, eradication, and recovery.
  • Analyze security events, logs, network traffic, endpoint telemetry, and forensic artifacts to determine the scope, root cause, and impact of cyber incidents.
  • Identify adversary tactics, techniques, and procedures (TTPs) and develop indicators of compromise (IOCs) to improve threat detection and response.
  • Develop, maintain, and enhance Incident Response processes, playbooks, workflows, and standard operating procedures (SOPs).
  • Configure, tune, and optimize security technologies, including SIEM, EDR, IDS/IPS, and related monitoring tools, to improve detection accuracy and reduce false positives.
  • Create and maintain detection content, including correlation rules, use cases, signatures, alerts, and automation scripts to strengthen SOC monitoring capabilities.
  • Document investigations, response activities, and findings within case management systems, producing clear incident reports and after-action documentation.
  • Establish and track SOC performance metrics and key performance indicators (KPIs) to measure operational effectiveness and support continuous improvement.

Qualifications:

  • Ability to obtain Public Trust clearance and successfully complete the EOD process.
  • Candidates must possess at least one of the following certifications: GIAC: GCIH, GCIA, GCFA, GCFE, GREM, or GPEN, CISSP, OSCP, OSCE, or OSWP.
  • Bachelor's degree in Computer Science, Engineering, Information Technology, Cybersecurity, or a related field and 12–15 years of relevant experience.
  • Must have technical hands-on experience in the areas of incident detection and response, malware analysis, or computer forensics.
  • Expertise with Windows and Linux operating systems, enterprise networking, common protocols, and security infrastructure (firewalls, proxies, VPNs, load balancers).
  • Demonstrated experience investigating cyber incidents, performing root cause analysis, identifying attacker TTPs, and leveraging frameworks such as MITRE ATT&CK and the Cyber Kill Chain.
  • Proficiency in Python, PowerShell, Bash, or similar scripting languages to support security automation and incident response.

Preferred Qualifications:

  • Experience in cyber government, and/or federal law enforcement FISMA systems.

TDI does business with the federal government, which restricts employment to individuals who are either US citizens or lawful permanent residents of the United States.

"TDI is an Equal Opportunity Employer. Employment decisions are made based on individual qualifications, merit, and business needs. We do not discriminate in employment opportunities or practices based on race, color, religion, sex, or national origin, in accordance with applicable federal laws."

Government Careers

Government Careers

Government jobs offer stability, competitive benefits, and the chance to make a meaningful impact on your community and country.

Whether you’re starting your career or seeking new opportunities, these roles provide pathways for growth, security, and service.

Explore positions across a wide range of fields and take the first step toward a rewarding future in public service.

Show more

MORE JOBS