Responsibilities
Peraton is seeking to hire an experienced Senior Cyber Response Analyst for its Regional Cyber Center-Europe program.
Location: On-site, Wiesbaden, Germany
Responsibilities:
- Lead incident response operations for high-severity and critical cyber events affecting DoDIN-Europe, directing containment, eradication, and recovery actions in coordination with RCC-E CSSP, NETCOM, and ARCYBER stakeholders
- Conduct in-depth malware analysis and digital forensic investigations on compromised systems, leveraging memory forensics, static/dynamic malware analysis, and artifact examination to determine scope, root cause, and adversary TTPs
- Manage SIEM (Elastic Stack/Splunk) alert triage workflows, developing and refining correlation rules and detection logic to improve fidelity of alerts and reduce analyst fatigue across the RCC-E security operations environment
- Produce detailed threat intelligence and incident reports - including executive summaries and technical findings - that clearly articulate adversary behavior, indicators of compromise (IOCs), and recommended mitigations to both technical and non-technical audiences
- Coordinate with NETCOM G2, ARCYBER, and CISA to share threat intelligence, deconflict incident response activities, and ensure RCC-E defensive actions align with Army-wide cyber defense priorities
- Mentor and provide technical guidance to junior cyber analysts, conducting knowledge transfer sessions on incident response methodologies, forensic techniques, and SIEM tool usage to build team capability
Qualifications
Required:
- Bachelor's degree in a STEM field or Business Administration and a minimum of 5 years of cyber incident response and security operations experience; or an associate's degree and a minimum of 7 years of relevant experience; or 11 years of relevant experience that may substitute for the bachelor's degree requirement
- Must meet TESA Qualifications
- DoD 8140 - Cybersecurity (Cyber Defense Incident Responder) - Advanced
- Certifications - must hold active certifications (one of the following):
  - Cisco CyberOps Professional
  - GCIA (GIAC Certified Intrusion Analyst)
  - GCIH (GIAC Certified Incident Handler)
  - GCFE (GIAC Certified Forensic Examiner)
  - GNFA (GIAC Network Forensic Analyst)
  - GREM (GIAC Reverse Engineering Malware)
  - Blue Team Level 2
  - Microsoft Certified: Cybersecurity Architect Expert
  - OSDA (Offensive Security Operations and Defensive Analysis)
- Demonstrated experience in IDS/SIEM monitoring, event triage and evaluation, malware and forensic analysis, multi-source data analysis, incident response coordination, TTP and exploit knowledge, and ability to articulate findings to technical and non-technical audiences
- U.S. citizenship required
- Active DoW TS/SCI security clearance
Preferred:
- Advanced proficiency with Elastic Stack (Elasticsearch, Kibana, Logstash) or Splunk for SIEM operations, detection engineering, and threat hunting
- Experience with TheHive and MISP for structured incident case management and threat intelligence sharing
- Proficiency with Wireshark and Zeek/Bro for network traffic analysis and protocol-level investigation
- Experience with Volatility or Rekall for memory forensics and RAM dump analysis
- Familiarity with YARA rule development for malware detection and IOC-based hunting
- Working knowledge of MITRE ATT&CK framework for adversary behavior mapping and detection gap analysis
- Experience with network forensics tools and techniques including PCAP analysis and NetFlow correlation
- Familiarity with malware reverse engineering techniques and sandbox analysis platforms (Cuckoo, Any.run)
Peraton Overview
Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can't be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we're keeping people around the world safe and secure.
Target Salary Range
$104,000 - $166,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual's experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.
EEO
Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.