Cyber Incident Response Analyst with OT/ICS/SCADA / Travel & Active TS

Cyber Incident Response Analyst with OT/ICS/SCADA / Travel & Active TS

Job Locations


US-VA-Arlington

Requisition ID


View phone number on click.appcast.io

Position Category


Intel and Threat Analysis

Clearance


Top Secret/SCI

Responsibilities

Peraton is currently seeking to hire an experienced Incident Response Analyst (ICS/OT/SCADA) for its' Federal Strategic Cyber group.

Location: Onsite in Arlington, VA

Travel: Approximately 40%

Peraton is seeking an experienced Incident Response Analyst with strong OT/ICS/SCADA expertise to support its Federal Strategic Cyber program. This role involves responding to cyber incidents across critical infrastructure sectors and working closely with technical teams, forensic analysts, and mission partners to safeguard nationallevel systems.

In This Role, You Will:

• Respond to cybersecurity incidents across ICS, OT, and IT environments and provide recommendations to prevent recurrence within critical infrastructure sectors.
• Apply functional knowledge to resolve incidents, conduct proactive threat hunts, and contribute to solutions for problems of moderate scope and complexity.
• Support highly technical operations and forensic analysis while advising client decisionmakers.
• Provide sectorspecific expertise for one or more critical infrastructure areas, including Water, Power, Critical Manufacturing, and Transportation.
• Follow established procedures for incident response and escalation.
• Help define and refine response procedures for industrial control system environments.
• Apply traditional incident response and threathunting tradecraft to ICS/criticalinfrastructure environments while accounting for operational constraints.
• Collaborate with host, network, and cloud forensic analysts to meet mission requirements for incident response and threathunting engagements.
• Maintain accurate documentation of incident response activities and findings.
• Prepare and deliver incident reports to management and stakeholders.
• Work effectively in a team environment and contribute to mission success.
• Stay current on cybersecurity trends to enhance hunt and response operations.
• Demonstrate strong attention to detail, critical thinking, and customerservice orientation.
• Selfteach and test new tools, methodologies, and techniques as needed.
• Meet onsite requirements of at least one day per week (up to three days depending on mission needs).
• Travel up to 40%.

Qualifications

Required Qualifications:

• Bachelor's degree and 5 years of relevant experience; Master's degree and 3 years. An additional 4 years of relevant experience will be considered in lieu of a degree.
• Must have 1-2 years of relevant Threat Hunting or DFIR experience directly supporting Critical Infrastructure (CI) / ICS environments.
• Experience conducting security site assessments, including analysis of network security architecture, baseline ports/protocols/services, and asset characterization.
• Experience using SIEM tools for pattern identification, anomaly detection, and trend analysis.
• Experience analyzing ICS network protocols such as ModBus, ENIP/CIP, BACnet, DNP3, etc.
• Experience with common opensource and commercial tools used in event analysis, incident response, forensics, malware analysis, or security operations.
• Experience with hostbased and networkbased collection and detection tools (OSS/COTS).
• U.S. citizenship required.
• Active Top Secret security clearance.
• Ability to obtain a TS/SCI for continued employment.
• Ability to obtain and maintain a favorably adjudicated DHS background investigation.

Desired Qualifications:

• Certifications such as GISCP, GCFA, GNFA, GRID, or OT sensor certifications.
• 2+ years of Threat Hunting or DFIR experience.
• Experience on DoD Cyber Protection Teams.
• Experience performing digital forensics on laptops/desktops, PLCs, HMIs, Historians, and SCADA systems.
• Experience with SIEM platforms (e.g., Splunk) including threat hunting, analytic development, dashboards, and reporting.
• Familiarity with criticalinfrastructure frameworks (NIST, IEC 62443).
• Ability to automate repeatable tasks.
• Scripting experience in Python, Bash, PowerShell, and/or JavaScript.

Peraton Overview

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can't be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we're keeping people around the world safe and secure.

Target Salary Range

$104,000 - $166,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual's experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.

EEO

EEO: Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.