Armavel, LLC · 2 weeks ago
Tier 3 Cybersecurity Incident Response Analyst
Armavel, LLC is offering an opportunity to join a forward-thinking cybersecurity team dedicated to protecting mission-critical systems supporting the Department of Veterans Affairs. As a Tier 3 Cybersecurity Incident Response Analyst, you will drive incident response efforts, identify and mitigate cybersecurity threats, and collaborate with experts across multiple disciplines.
Cloud Computing, Compliance, Cyber Security, Information Technology
Responsibilities
Leading efforts in detecting, analyzing, and responding to the most challenging and advanced cybersecurity incidents and escalations as a Tier 3 lead analyst
Operationalizing and onboarding modern detection technologies
Crafting and augmenting playbooks for modern cloud-based IR
Analyzing and understanding attack vectors and patterns to determine root cause and recommending effective remediation strategies
Guiding, coaching, and mentoring Tier 1 and Tier 2 analysts during incident investigations and sharing technical expertise
Driving all incident response activities, from detection through recovery, including lessons learned and continuous improvement actions
Developing, fine-tuning, and coordinating real-time security analytics use cases to detect sophisticated cyber threats
Implementing and leveraging SOAR platforms to automate and streamline incident response workflows for enrichment, containment, and remediation
Collaborating with forensics, threat intelligence, IT, and network teams to ensure effective response coordination and communication
Mentoring and supporting junior and mid-level cybersecurity staff, fostering a culture of learning and collaboration
Leading cybersecurity exercises, simulations, and continuous training to strengthen readiness
Qualifications
Required
Ability to track sophisticated, modern cybersecurity threats in a high-pressure environment
Deep understanding of cybersecurity principles, leadership, incident response frameworks, and digital forensics processes
Strong analytical and problem-solving skills under pressure
Expertise with SIEM, IDS/IPS, EDR, and network monitoring solutions
Experience implementing and managing SOAR and other types of automation tools
Proficiency using enterprise ticketing platforms like ServiceNow
Excellent written and verbal communication abilities for technical and non-technical senior leadership
Organized, detail-oriented, and committed to delivering thorough, accurate results directly to senior leaders
Strong collaborative skills with proven leadership attitude and a drive to innovate and improve processes
Bachelor's Degree in Cybersecurity, Computer Science, Information Technology, or a related technical field (or equivalent experience)
5+ years supporting enterprise-scale IT or cybersecurity operations
3+ years of direct experience managing enterprise-level incident response or Security Operations Center environments
In-depth knowledge of Azure/AWS native tools, security event analysis, digital forensics, malware triage, security automation, and containment strategies
Experience implementing or managing Splunk and Microsoft Sentinel SIEM/SOAR
Experience leading incident response activities across multiple technical teams
Experience navigating large, complex IT infrastructures and managing the full incident lifecycle across multiple platforms
Must be a US Citizen, with the ability to obtain a US Security Clearance
Preferred
Advanced industry certifications such as CISSP, GCIH, GCFA, CEH, or equivalent are highly desirable
Prior experience supporting federal information systems (preferred)
Some travel may be required
Company
Armavel, LLC
Cybersecurity, Architecture, Cloud IT
Funding
Current Stage
Early Stage