AWS Cybersecurity Incident Response Engineer

Peraton is seeking an AWS Cybersecurity Incident Response Engineer to join our dynamic Security Team within the Department of Homeland Security (DHS) Datacenter Consolidation and Cloud Optimization (DCCO) program. This role supports our Security Team’s efforts by leading incident response and cybersecurity operational compliance. The Incident Response Engineer will ensure our systems remain secure, compliant, and resilient, actively contributing to our Governance, Risk, and Compliance (GRC) initiatives. This role is entirely telework based with core hours between 9 am- 3 pm (EST) Monday – Friday; applicant must reside and perform all work within the United States. 

Day to Day Responsibilities: 

• Incident Response and Management: 

• Lead and coordinate the response to cybersecurity alerts and incidents, ensuring rapid Detection and Analysis; Containment, Eradication, and Recovery; and Post- Incident Activity Recommendations. 

• Develop, implement, and maintain Incident Response Plans in line with organizational policies and NIST guidelines. 

• Conduct forensic analysis and post-incident investigations to identify root causes and recommend improvements. 

• Proactive Security Operations: 

• Analyze system vulnerabilities, propose compensating controls, and work with engineering teams to remediate issues. 

• Oversee the security posture of cloud environments (AWS) and recommend improvements. 

• Maintain and update security documentation such as System Security Plans, Incident Response Plans, and Standard Operating Procedures. 

• Develop and conduct security training for incident response and contingency planning. 

• Collaboration and Communication: 

• Work closely with the Cybersecurity Manager, ISSOs, and other security personnel to ensure the effective implementation of operational security measures. 

• Collaborate with engineering and IT teams to address security incidents and develop proactive strategies. 

• Communicate risks and remediation activities effectively to clients and senior management. 

• Tool and Process Development: 

• Create and maintain security tools, checklists, and templates to aid A&A and incident response processes. I.E. Splunk, Cloud Trail, Guard duty, Swim Lane, etc. 

• Leverage tools such as Cyber Security Assessment and Management (CSAM) to manage risk and monitor compliance. 

Basic Qualifications: 

• High school diploma and 6 years of experience
• U.S. citizenship and the ability to obtain/maintain a DHS EOD clearance (required prior to start). 
• 5 years of experience in information technology or cybersecurity focused on incident response in cloud or enterprise environments.

• Proven expertise in incident response, digital forensics, malware analysis, and root cause determination for security events and breaches.

• In-depth knowledge of security countermeasures, NIST Cybersecurity Framework, RMF processes, and regulatory compliance requirements.

• Hands-on experience with cloud security architectures, including AWS services, FedRAMP-authorized environments, and cloud-based security monitoring tools.

• Strong communication skills with a history of engaging stakeholders at all levels to deliver actionable security solutions and recommendations.

• Demonstrated ability to influence security policies and practices across multiple teams and organizational units, fostering a culture of security awareness and compliance.

• Experience with security incident tracking, reporting, and continuous improvement initiatives.

Some Desired Certifications:

• One or more of the following: GCIH, CISSP, CISM, AWS Security Professional, CCSP, GISCP, or GSEC. 

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we’re keeping people around the world safe and secure.