Arlington, VA

Incident Response Analyst

Job Specs

Cyber Defense

Job Description:

XOR Security is currently seeking a talented Incident Response Analyst to support an Agency-level SOC. The SOC program provides comprehensive Computer Network Defense and Response support through 24×7×365 monitoring and analysis of potential threat activity targeting the enterprise. SOC Analysts will conduct security event monitoring, advanced analytics and response activities in support of the CND operational mission. To support this vital mission, XOR staff are at the forefront of providing Advanced CND Operations and Systems Engineering support, including the development of advanced analytics and countermeasures to protect critical assets from hostile adversaries. To ensure the integrity, security, and resiliency of critical operations, we are seeking candidates with diverse backgrounds in cyber security systems operations, analysis and incident response. Strong written and verbal communication skills are a must, along with the ability to work shifts. The ideal candidate will have a solid understanding of cyber threats and information security in the domains of TTPs, Threat Actors, Campaigns, and Observables.

Schedule: Monday to Friday, 2pm to 10pm.

  • Performs a critical role in capturing, documenting and correlating cyber incidents, events, and requests for information for the DHS National Cybersecurity & Communications Integration Center (NCCIC).
  • Responsible for coordinating and reporting incidents of significance to NCCIC leadership (NDOs) and for coordinating incident response actions across all components of the NCCIC.
  • Provides support promptly and efficiently through front-line telephone and email communications.
  • Coordinates incidents and requests within the NCCIC ticketing system and responds within the established timeline, following the processes, procedures and work instructions.
  • Manages and tracks the life cycle of all incidents and requests reported to the NCCIC, including open-to-resolve incident management and request fulfillment.
  • Supports incident response engagements and partners with other incident response teams to maintain an understanding of threats, vulnerabilities, and exploits that could impact client networks and assets.
  • Performs analysis and monitors open source channels to maintain a current understanding of the Computer Network Defense threat condition and to determine which security issues may have an impact on the enterprise.
  • Collects network intrusion artifacts and uses the discovered data to enable mitigation of potential incidents and to support CND hunts.
  • Duties may also include, but are not limited to, resolving or routing issues to the proper entity, updating daily briefing slides for delivery to NCCIC leadership, conducting first-line incident triage, and conducting quality control for products being disseminated from the NCCIC.

Required Qualifications

  • Bachelor’s Degree
  • Active Top-Secret Security Clearance with the ability to obtain a TS/SCI is required. In addition, the selected candidate must be able to obtain and maintain a favorably adjudicated DHS background investigation (EOD) for continued employment.

Closing Statement:

XOR Security offers a very competitive benefits package including health insurance coverage from the first day of employment, 401k with a vested company match, vacation and supplemental insurance benefits.

XOR Security is an Equal Opportunity Employer (EOE). M/F/D/V.

Citizenship Clearance Requirement
Applicants selected may be subject to a government security investigation and must meet eligibility requirements - US CITIZENSHIP and TOP SECRET CLEARANCE REQUIRED.