Cyber Incident Response Analyst with OT/ICS/SCADA / travel & active TS jobs in United States
cer-icon
Apply on Employer Site
company-logo

Peraton · 2 months ago

Cyber Incident Response Analyst with OT/ICS/SCADA / travel & active TS

positionUS-VA-Arlington
timeFull-time
remoteOnsite
seniorityMid, Senior Level
money$86K/yr - $138K/yr
date5+ years exp

Peraton is a next-generation national security company that drives missions of consequence. They are currently seeking an experienced Incident Response Analyst with OT/ICS/SCADA experience to respond to cybersecurity incidents and provide recommendations for critical infrastructure sectors.

Information TechnologyRobotics
badNo H1BnoteSecurity Clearance RequirednoteU.S. Citizen Onlynote

Responsibilities

Respond to cybersecurity incidents for ICS/OT/IT environments and provide recommendations to affected entities to prevent the reoccurrence of these incidents within a variety of critical infrastructure sectors
Apply specific functional knowledge to resolve cybersecurity incidents and perform proactive threat hunts. Develop or contribute to solutions to a variety of problems of moderate scope and complexity
Be involved with highly technical operations and forensic analysis and serve as consultants, continuously advising client decision makers
Provide industry experience and expertise for one or multiple critical infrastructure sectors/sub-sectors, including but not limited to Water, Power, Critical Manufacturing, and Transportation
Follow pre-defined procedures to respond to and escalate incidents
Provide expertise to define procedures for response to customer cyber security incidents in the industrial control system environment
Apply traditional incident response and threat hunting tradecraft to industrial control system/critical infrastructure environments—with a deep understanding of the nuance and constraints of industrial environments
Seamlessly work alongside a team of host, network, and cloud forensic analysts to meet the mission requirements for both incident response and threat hunting engagements
Maintain accurate records of incident response activities and findings
Prepare and deliver incident reports to management and stakeholders
Need to be comfortable working in a team environment and collaborating to meet mission goals
Keep current with latest security trends and news to continually improve hunt and incident response operations
Be a Self-starter with strong attention to detail and critical thinking ability
Have a strong customer service orientation with excellent written and oral communication skills
The ability to self-teach and self-test new tools and methodologies, and to problem-solve independently
There is an onsite requirement for minimum one day (1) week, with up to 3 days depending on situational requirements

Qualification

Incident ResponseThreat HuntingIndustrial Control SystemsSIEM ToolsDigital ForensicsNetwork Security AnalysisCustomer Service OrientationScriptingRegulatory Standards FamiliarityAutomation SkillsCommunication SkillsAttention to DetailCritical ThinkingSelf-starterTeam CollaborationProblem Solving

Required

Bachelor's degree and 5 years of relevant experience. Master's degree and 3 years' experience. PhD and 1 years' experience. A minimum of 9 years will be considered in lieu of degree
1-2 years of Threat Hunting or DFIR experience directly supporting Critical Infrastructure (CI) / Industrial Control System (ICS) environments
Experience with security site assessments and scoping - including but not limited to the analysis of network security architecture, baseline ports, protocols, and services, and characterize network assets
Experience using a SIEM tool for pattern identification, anomaly detection, and trend analysis
Experience analyzing a variety of industrial control systems network protocols, including but not limited to: ModBus, ENIP/CIP, BACnet, DNP3, etc
Experience with the common open source and commercial tools used in security event analysis, incident response, computer forensics, malware analysis, or other areas of security operations
Experience with collection and detection tools, including OSS/COTS host-based and network-based tools
U.S. citizenship required
An Active Top Secret Security Clearance required
Must be able to obtain a TS/SCI for continued employment
Must be able to obtain and maintain a favorably adjudicated DHS background investigation for continued employment

Preferred

Certifications: GISCP, GCFA, GNFA, GRID, and any OT Sensor certifications
2 years of Threat Hunting or Digital Forensics & Incident Response (DFIR) experience preferred
Experience on DoD Cyber Protection Teams, a plus
Experience performing digital forensics and analysis on a variety of vendor/OEM equipment—including but not limited to laptop/desktops, PLC's, HMI's, Historians, and related SCADA systems
Experience with SIEM (Splunk) —threat hunting, analytic development, dashboards, and reporting
Familiarity with regulatory standards and frameworks relevant to critical infrastructure (e.g., NIST, IEC 62443)
Ability to automate simple/repeatable but critical tasks
Scripting in Python, Bash, PowerShell, and/or JavaScript

Benefits

Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.

Company

Peraton

twittertwitter
Glassdoor3.6
company-logo
Peraton Fearlessly solving the toughest national security challenges.
dateFounded in 1992
location
Woodbridge, New Jersey, USA
people-size10001+ employees
web-link
https://www.peraton.com/

Funding

Current Stage
Late Stage

Leadership Team

leader-logo
Thomas Terjesen
Chief Information Officer
linkedin

Recent News

MarketScreener
Two bidders vie to be project manager of massive FAA US air traffic overhaul
2025-09-25
Benzinga.com
Snowflake Partners With Peraton, Builds AI Fraud Detection Tools To Protect Taxpayer Dollars
2025-09-17
NDTV
Donald Trump's Golden Dome Still Shrouded In Mystery, Even For Its Builders
2025-08-15
Company data provided by crunchbase