Incident Responder, Journeyman

We are seeking a highly skilled and innovative Incident Responder to join our team in the greater DMV area, supporting the Army National Guard.

Responsibilities

Triage alerts, analyze SIEM, EDR, network telemetry, and application logs to identify indicators of compromise and suspected security incidents.
• Execute containment actions per playbooks: isolate hosts, disable accounts, block network traffic, and implement temporary mitigations.
• Collect, preserve, and document forensic artifacts, system logs, and evidence for escalation and deeper analysis.
• Investigate incidents: perform rootcause analysis, validate detections, and track remediation progress through case records.
• Coordinate response activities with SOC analysts, CIRT teams, network operations, cybersecurity engineers, and stakeholders.
• Validate remediation steps, retest affected systems, and confirm eradication of threats prior to closure.
• Maintain incident timelines, produce technical updates and incident summaries, and support afteraction reviews.
• Identify recurring patterns, visibility gaps, and detection shortfalls; recommend improvements to monitoring and detection coverage.
• Contribute to playbook refinement, evidencecollection procedures, and adoption of new response techniques and tooling.

#ENOCS

Qualifications

• 2 years with BS/BA; 0 years with MS/MA; 6 years with no degree

• Clearance: Active TS/SCI clearance.

• Candidate must meet ONE of the following:

  • Bachelor's degree in Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology, or Software Engineering; OR
  • Relevant DoD/military training (examples: A5310451; Cyber Defense Incident Responder (Intermediate) Playlist); OR
  • Relevant professional certification or equivalent experience (examples: CEH(P), ECIH, GRID, RCCE Level 1, CBROPS, CCSP, CEH, Cloud+, FITSPO, GCED, GCIH, GSEC, PenTest+, Security+).

• Required experience and skills:

  • Incident response, SOC analyst, or cybersecurity operations experience.
  • Handson experience with EDR, SIEM, packet/network analysis, log forensics, and incident case management workflows.
  • Ability to perform containment actions, forensic collection, evidence handling, and rootcause analysis per established procedures.
  • Familiarity with RMF/ATO evidence practices, chainofcustody, and documentation for audits.
  • Strong written communication for incident notes, timelines, technical reports, and briefing support.

• Desired:

  • Prior DoD/ARNG or classifiedenvironment incident response experience.
  • Experience with SOAR playbooks, forensic tools (memory/disk analysis), and scripting for automation (Python, PowerShell).
  • Familiarity with threathunting methodologies, MITRE ATT&CK mapping, and integration with detection engineering workflows.

#ENOCS

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can't be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we're keeping people around the world safe and secure.