Cyber Security and Incident Response Specialist

Washington, District of Columbia, United States · Services


Company Description

Designed by analysts but built for the entire team (security operations, threat intelligence, incident response and security leadership), ThreatConnect’s intelligence-driven security operations platform is the only solution available today with intelligence, automation, analytics, and workflows in a single platform. Founded in 2011, the company started servicing government agencies on specialized cybersecurity contracts while building its platform. Officially launched in 2013, the ThreatConnect Platform has grown to more than 20,000 users worldwide. Whether you want to work on building a world-class security platform or as a member of the services team, you will enjoy a career that truly makes an impact. For more information on the benefits of working at ThreatConnect, visit

Job Description

ThreatConnect is looking for highly motivated and experienced analysts with currently active U.S. Government Top Secret security clearances to fill positions on government contracts within the DC/NoVA/MD region. If you are sought after as an expert in your field and looking for a company that will both value and reward your expertise, take a look at what ThreatConnect has to offer.


As a Network Security and Incident Response Specialist, you will support a high-profile government client's cyber security efforts. Specifically, you will identify, detect and remediate cyber intrusions through analysis of network- and host-based artifacts. Key responsibilities and duties for this position include:

1. Monitor and analyze Intrusion Detection Systems (IDS) to identify security issues for remediation.

2. Recognize potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary.


3. Evaluate firewall change requests and assess organizational risk.

4. Communicate alerts to agencies regarding intrusions and compromises to their network infrastructure, applications and operating systems.

5. Assist with implementation of counter-measures or mitigating controls.

6. Ensure the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices.

7. Perform periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system and external Web integrity scans to determine compliance.

8. Prepare incident reports of analysis methodology and results.

9. Maintain current knowledge of relevant technology as assigned.

10. Participate in special projects as required.

11. Responsible for the analysis and triage of network anomalies that should be considered Events of Interest (EOI). Will provide basic assessment of the anomaly; designate it as an EOI and coordinate response with CND response team.

12. Responsible for escalating EOIs to Responders in a timely manner, with all required information to ensure the response team may act upon them accordingly.

13. Must have a good understanding of networks at a packet level. Must be able to analyze packet captures at the expert level.

14. Must have experience using CND tools to detect network attacks; these tools are:

15. Must be able to review multiple data sources to gather Indications and Warnings and Attack Sensing and Warnings information.


Work-Life Balance:


