Cyber Incident Handling Analyst / Active TS/SCI

Peraton is seeking to hire an experienced Incident Handling Analyst for its Regional Cyber Center-Europe program

 

Location: On-site, Wiesbaden, Germany

 

Responsibilities:

• Monitor security event feeds across IDS/SIEM platforms, reviewing alerts and identifying events requiring escalation or incident declaration in accordance with CSSP procedures
• Triage incoming security alerts, applying analytical judgment to distinguish true positives from false positives and prioritizing response actions based on threat severity and mission impact
• Coordinate incident response actions across internal CSSP teams, network operations, and mission owners, ensuring timely containment and eradication of identified threats
• Document all incidents comprehensively from initial detection through resolution, capturing timelines, evidence, analyst actions, and lessons learned in the incident management system
• Maintain and update incident tracking systems (e.g., TheHive, ServiceNow) to ensure accurate status reporting, SLA compliance, and audit-ready records for all security events
• Support post-incident analysis and after-action reviews, contributing to root cause identification, process improvement recommendations, and updates to CSSP playbooks and SOPs

#RCC-E

Required:

• Bachelor’s degree (STEM/Business Admin)and a minimum of 5 years of cybersecurity or incident response experience, or an associate’s degree with a minimum of 7 years of relevant experience; or 11 years of relevant experience in lieu of the bachelors degree  
  • Must meet TESA Qualification
• DoD 8140 - Cybersecurity (Cyber Defense Incident Responder) - Intermediate
• Certifications — must hold active certifications (one of the following):
  • Cisco CyberOps Professional; OR
  • SANS (any GIAC certification); OR
  • Microsoft Certified: Security Operations Analyst Associate; OR
  • Blue Team Level 1; OR
  • OSDA (Offensive Security Defense Analyst)
• U.S. citizenship required
• Active DoD TS/SCI clearance or higher

Preferred:

• Experience with TheHive or similar case management platforms for structured incident tracking
• Familiarity with ServiceNow IT Service Management for ticketing and SLA management
• Proficiency with Elastic Stack or Splunk for security event correlation and investigation
• Working knowledge of NIST SP 800-61 Computer Security Incident Handling Guide
• Experience with digital forensics tools (e.g., FTK, Autopsy, Volatility) for evidence collection
• Familiarity with MITRE ATT&CK framework for TTP mapping during incident analysis
• Understanding of network protocols and traffic analysis to support incident scoping
• Experience developing or refining incident response playbooks and standard operating procedures

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we’re keeping people around the world safe and secure.

$104,000 - $166,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual’s experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.

EEO: Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.