Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

FREE ACCESS
5,000–10,000 jobs/day
JobTailor Logo

See all jobs on JobTailor

Search thousands of fresh jobs every day.

Discover
  • Fresh listings
  • Fast filters
  • No subscription required
Create a free account and start exploring right away.
Cherokee Federal

Senior Incident Response Analyst

Cherokee Federal

Senior Incident Response Analyst in hands-on cybersecurity role addressing incidents in enterprise environments. Collaborates with teams to enhance defenses and incident response processes.

Posted 7/9/2026full-timeRemote • 🇺🇸 United StatesSenior💰 $160,000 - $170,000 per yearWebsite

Tech Stack

Tools & technologies
AWSAzureCloudCyber SecurityLinuxPythonSplunk

About the role

Key responsibilities & impact
  • Investigate, triage, analyze, contain, eradicate, and support recovery activities for cybersecurity incidents across enterprise and cloud environments.
  • Perform detailed analysis of security events generated by SIEM, EDR/XDR, IDS/IPS, cloud-native security tools, and endpoint technologies.
  • Collaborate with Security Operations and Splunk Detection Engineering teams to improve detection content, tune alerts, reduce false positives, and enhance detection effectiveness.
  • Conduct proactive threat hunting using threat intelligence, behavioral analytics, and MITRE ATT&CK techniques.
  • Perform root cause analysis and recommend corrective and preventive actions.
  • Document investigation findings, incident timelines, lessons learned, and technical reports.
  • Assist in developing and maintaining Incident Response playbooks, SOPs, and workflows.
  • Support digital evidence collection and basic forensic activities while maintaining chain of custody.
  • Participate in security assessments, architecture reviews, tabletop exercises, phishing simulations, and readiness activities.
  • Support security reviews of IT systems, applications, and cloud services.
  • Assist with cybersecurity policies, standards, and operational procedures.
  • Collaborate with Cloud Security, Vulnerability Management, Infrastructure, and Application teams.
  • Monitor incident metrics and contribute to operational reporting.
  • Stay current on emerging threats and industry best practices.
  • Performs other job-related duties as assigned.

Requirements

What you’ll need
  • 5+ years of cybersecurity experience with at least 3 years in Incident Response, Security Operations, Threat Hunting, or Detection Engineering.
  • Hands-on experience investigating Windows, Linux, cloud, identity, and network incidents.
  • Experience with SIEM platforms such as Splunk ES, Microsoft Sentinel, QRadar, or similar.
  • Experience with EDR/XDR platforms such as Microsoft Defender, CrowdStrike, SentinelOne, or similar.
  • Knowledge of AWS GuardDuty, Security Hub, Azure Defender, or equivalent cloud security tools.
  • Strong understanding of MITRE ATT&CK and the incident response lifecycle.
  • Experience with log analysis, malware triage, threat hunting, and root cause analysis.
  • Strong written and verbal communication skills.
  • Ability to thrive in a fast-paced operational environment.
  • Experience with Splunk Enterprise Security correlation searches and detection tuning preferred.
  • Familiarity with Splunk SOAR or similar orchestration platforms preferred.
  • Experience supporting phishing investigations and tabletop exercises preferred.
  • Knowledge of FISMA, FedRAMP, NIST RMF, NIST 800-61, and NIST CSF preferred.
  • Python or PowerShell scripting experience preferred.
  • GCIH, GCIA, GCFA, CISSP, Security+, CySA+, or CEH certifications preferred.
  • Must be eligible to obtain and maintain a Public Trust.
  • Past applicable job experience may include, but is not limited to: Incident Response Analyst, Cybersecurity Analyst, Security Operations Center (SOC) Analyst, Threat Hunter, Detection Engineer, and Cyber Incident Responder.
  • Must pass pre-employment qualifications of Cherokee Federal.

Benefits

Comp & perks
  • Medical
  • Dental
  • Vision
  • 401K
  • Other possible benefits as provided. Benefits are subject to change with or without notice.

ATS Keywords

✓ Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
Incident ResponseThreat HuntingLog AnalysisMalware TriageRoot Cause AnalysisPython ScriptingPowerShell ScriptingCloud Security ToolsDetection TuningForensic Activities
Soft Skills
Strong Written CommunicationStrong Verbal CommunicationAbility to Thrive in Fast-Paced Environment
Certifications
GCIHGCIAGCFACISSPSecurity+CySA+CEH