Principal Incident Response Analyst - 90397448 jobs in United States

Amtrak · 2 days ago

Principal Incident Response Analyst - 90397448

Amtrak is a major player in connecting businesses and communities across the country, prioritizing the safety of passengers and employees. The Principal Cyber Threat Incident Response Analyst will support the Cyber Fusion Center by executing the cyber incident response plan and ensuring timely resolution of security breaches, while also conducting digital forensic analysis and enhancing incident investigation processes.

Service Industry, Software, Tourism, Travel

Responsibilities

Provide industry-leading cyber incident response supporting the Cyber Fusion Center mission to effectively detect and respond to threats and reduce the overall impact of business risk before, during, and after an incident
Resolve security incidents quickly, effectively and at scale with complete incident response including investigation, containment to support effective remediation, and crisis management
Technically navigate critical and high-profile incidents, performing digital forensic and incident response analysis with support from threat hunting and malware triage analysts
Support Amtrak-wide cyber incident response engagements, examining cloud, endpoint, and network-based sources of evidence
Recognize and codify attacker Tools, Tactics, and Procedures (TTPs) and Indicators of Compromise (IOCs) that can be applied to current and future investigations
Build scripts, tools, or methodologies to enhance Amtrak’s incident investigation processes
Conduct host forensics, network forensics, log analysis, and malware triage in support of incident response investigations
Support Cyber Incident Exercises, Tabletops, and Cyber Incident Management Response Team with business leaders, stakeholders, and cross-functional teams
Work with Crisis Management, Emergency Management, Incident Response, Legal and OIG teams to conduct and coordinate cyber incident response activities
Regularly participate in tabletop exercises designed to identify gaps, improve skills, enhance communication, and engage with stakeholders
Review technical reports from vulnerability and penetration testing assessments, as well as results from tabletop exercises, to identify potential future incidents
Develop, refine, recommend, and maintain playbooks, policies, and procedures to ensure alignment to industry best practices

Qualification

Cyber Incident Response, Digital Forensics, Threat Intelligence, Incident Response Certifications, Penetration Testing, Malware Triage, Network Security, Log Analysis, Crisis Management, Effective Communication, Team Collaboration

Required

Bachelor's degree in Computer Science, Information Systems, Cybersecurity, or related technical field plus 7-10 years of relevant experience is required
One incident response-centric certification
In-depth understanding of threats, vulnerabilities and principles of incident response and chain of custody
Hands-on experience with forensics tools and log correlation
Ability to think like an attacker and hunt within the security tool stack
Ability to incorporate the MITRE ATT&CK Framework in everyday processes

Preferred

Master's degree in Cybersecurity, Information Technology, Digital Forensics, Computer Science, or equivalent technical field
10+ years of experience within the cybersecurity field
Basic knowledge of Operational Technology (OT), SCADA, HVAC and/or IoT
Two or more incident response-centric certifications

Benefits

Health, dental, and vision plans
Health savings accounts
Wellness programs
Flexible spending accounts
401K retirement plan with employer match
Life insurance
Short and long term disability insurance
Paid time off
Back-up care
Adoption assistance
Surrogacy assistance
Reimbursement of education expenses
Public Service Loan Forgiveness eligibility
Railroad Retirement sickness and retirement benefits
Rail pass privileges

Company

Amtrak is a provider of intercity passenger rail services across the country, connecting major cities and regions.

H1B Sponsorship

Amtrak has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data powered by US Department of Labor)
Trends of Total Sponsorships
2025 (57)
2024 (40)
2023 (50)
2022 (52)
2021 (42)
2020 (34)

Funding

Current Stage
Late Stage
Total Funding
$125.7M
Key Investors
Federal Railroad Administration, U.S. Department of Transportation
2024-09-03 · Grant · $63.9M
2023-09-25 · Grant · $8.8M
2022-08-18 · Grant · $45M

Leadership Team

John McSorley
Director of Critical Infrastructure Protection
Company data provided by crunchbase