Washington, DC or Fairmont, WV

Incident Response Analyst

Job Specs

Cyber Defense

Job Description:

XOR Security is currently seeking several Incident Response Analysts to support an Agency-level SOC at NOAA. The SOC program provides comprehensive Computer Network Defense and Response support through 24×7×365 monitoring and analysis of potential threat activity targeting the enterprise.

To ensure the integrity, security, and resiliency of critical operations, we are seeking candidates with diverse backgrounds in cyber security systems operations, analysis, and incident response. Strong written and verbal communication skills are a must, along with the ability to work shifts.

  • Respond to cyber incidents, including responding to IR phone calls and emails, and preparing situational awareness reports for DOC, its bureaus, and/or DOC management.
  • Act as investigator for potential incidents identified by SOC analysts.
  • Investigate phishing and self-identified potential cyber threats.
  • Work with DOC users to analyze, triage, contain, and remediate security incidents.
  • Track incident management thoroughly and communicate effectively with end users and senior CIO officials.
  • Participate regularly in SOC working group sessions, to include idea generation for new content rules for security alerting and reduction of false positives. Collaborate across organizational lines and develop depth in your desired cyber discipline and/or technologies.
  • Follow documented procedures yet have an eye towards process improvement/effectiveness.
  • Knowledgeable about multiple technology and system types.
  • Able to articulate the incident response lifecycle.

Required Qualifications:

  • Inquisitive, problem-solving oriented
  • Shifts are not 24x7, but they do cover 7am-7pm across the DC and WV locations. On-call rotation for SOC escalation as needed for nights/weekends (the on-call schedule is coordinated with the manager each month).
  • Must be US Citizen. Must be able to obtain and maintain security clearance, specifically DoD/Top Secret Clearance or TS/SCI.
  • Jr IR (Tier I): 0-3 years of experience with cyber operations/SOC/Incident Response.
  • Solid understanding of cyber landscape + typical threat vectors.
  • Splunk log analysis.

Required Certifications: At least one of the following:

  • CERT Certified Computer Security Incident Handler
  • ECC CEH (Electronic Commerce Council Certified Ethical Hacker)
  • GCIH (GIAC Certified Incident Handler)
  • GISF (GIAC Information Security Fundamentals)
  • CISSP (ISC2 Certified Information System Security Professional)
  • SCNP (Security Certified Network Professional)
  • SCNA (Security Certified Network Architect)

Closing Statement:

XOR Security offers a very competitive benefits package including health insurance coverage from the first day of employment, 401k with a vested company match, vacation and supplemental insurance benefits.

XOR Security is an Equal Opportunity Employer (EOE). M/F/D/V.

Citizenship Clearance Requirement:

Applicants selected may be subject to a government security investigation and must meet eligibility requirements, including US CITIZENSHIP. Requires a minimum of a fully adjudicated SECRET clearance with an interim TOP SECRET.