Cyber Investigations Analyst - OTA / Active Top Secret

Peraton is looking for a Cyber Investigations Analyst to become part of our Federal Strategic Cyber Group. 

 

Location: Rosslyn, VA; full-time, on-site role.

 

In this role, you will:

• Support the Cyber Threat Investigations & Analysis Division (CTAD) in conducting end-to-end insider threat and cyber investigations leveraging User Activity Monitoring (UAM) tools and data.
• Collect, analyze, and interpret log data to detect anomalous user behavior, policy violations, and potential insider threats across enterprise systems.
• Develop and refine detection rules, alerts, and behavioral baselines to improve threat detection capabilities.
• Conduct forensic analysis of user activity logs, endpoint telemetry, and network data to support investigations and produce actionable intelligence.
• Communicate complex investigative findings to both technical and non-technical stakeholders, including senior management.
• Collaborate with legal, HR, and security teams to ensure investigations are conducted in accordance with applicable laws, policies, and Department guidelines.
• Author detailed investigation reports, bulletins, and advisories documenting findings.
• Promote awareness of insider threat indicators and UAM best practices among customer stakeholders, coworkers, and Department users.
• Respond to escalated security incidents and provide expert guidance on user activity-related threat vectors.
• Manage case documentation and investigative records in SharePoint repositories.
• Provide guidance and mentorship to junior team members on investigative techniques and tool usage.
• Stay current on emerging insider threat tactics, techniques, and procedures (TTPs) and incorporate findings into detection strategies.

 

Minimum requirements: 

 

• A Bachelor’s degree and 5 years of experience. An additional 4 years of experience may be substituted in lieu of the bachelors degree requirement.
• Minimum of 2 years experience in cybersecurity, digital forensics, or cyber investigations.
• Must either possess and maintain, or obtain prior to start date, one of the following professional certifications:
  • CISSP-ISSAP; CISSP-ISSEP; CISSP; Security+ CE; CySA+; PPDA; Agile IC; SNOW App Dev
• Experience conducting insider threat or cyber misconduct investigations in an enterprise environment.
• Experience analyzing large datasets of user activity, log data, and endpoint telemetry.
• Strong analytical, problem-solving, and decision-making skills to support complex, sensitive investigations.
• Excellent written and verbal communication skills, including experience producing formal investigative reports.
• Must possess strong time management skills and the ability to complete assigned tasks with minimal supervision.
• U.S. citizenship required.
• Active Top Secret security clearance.
  • Ability to obtain a final Top Secret/SCI security clearance.

Desired:

• Experience with insider threat programs and familiarity with the National Insider Threat Policy.
• Familiarity with SIEM platforms (e.g., Splunk, Microsoft Sentinel) for correlating UAM data with broader security telemetry.
• Experience with digital forensics tools (e.g., EnCase, FTK, Magnet AXIOM).
• Knowledge of Active Directory and Azure AD for user account analysis.
• Experience working in a government or federal law enforcement investigative environment.
• Technical writing skills and experience producing materials for senior leadership audiences.
• Familiarity with chain of custody procedures, and eDiscovery processes.
• Experience with behavioral analytics platforms or UEBA (User and Entity Behavior Analytics) tools.

 

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we’re keeping people around the world safe and secure.

$80,000 - $128,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual’s experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.

EEO: Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.