Stellenbeschreibung:
Required
- Bachelor’s degree (STEM/Business Admin)and a minimum of 5 years of cybersecurity or incident response experience, or an associate’s degree with a minimum of 7 years of relevant experience; or 11 years of relevant experience in lieu of the bachelors degree
- Must meet TESA Qualification
- DoD 8140 - Cybersecurity (Cyber Defense Incident Responder) - Intermediate
- Certifications — must hold active certifications (one of the following):
- Cisco CyberOps Professional; OR
- SANS (any GIAC certification); OR
- Microsoft Certified: Security Operations Analyst Associate; OR
- Blue Team Level 1; OR
- OSDA (Offensive Security Defense Analyst)
- U.S. citizenship required
- Active DoD TS/SCI clearance or higher
Preferred
- Experience with TheHive or similar case management platforms for structured incident tracking
- Familiarity with ServiceNow IT Service Management for ticketing and SLA management
- Proficiency with Elastic Stack or Splunk for security event correlation and investigation
- Working knowledge of NIST SP 800-61 Computer Security Incident Handling Guide
- Experience with digital forensics tools (e.g., FTK, Autopsy, Volatility) for evidence collection
- Familiarity with MITRE ATT&CK framework for TTP mapping during incident analysis
- Understanding of network protocols and traffic analysis to support incident scoping
- Experience developing or refining incident response playbooks and standard operating procedures
Peraton is seeking to hire an experienced Incident Handling Analyst for its Regional Cyber Center-Europe program
Location: On-site, Wiesbaden, Germany
Responsibilities
- Monitor security event feeds across IDS/SIEM platforms, reviewing alerts and identifying events requiring escalation or incident declaration in accordance with CSSP procedures
- Triage incoming security alerts, applying analytical judgment to distinguish true positives from false positives and prioritizing response actions based on threat severity and mission impact
- Coordinate incident response actions across internal CSSP teams, network operations, and mission owners, ensuring timely containment and eradication of identified threats
- Document all incidents comprehensively from initial detection through resolution, capturing timelines, evidence, analyst actions, and lessons learned in the incident management system
- Maintain and update incident tracking systems (e.g., TheHive, ServiceNow) to ensure accurate status reporting, SLA compliance, and audit-ready records for all security events
- Support post-incident analysis and after-action reviews, contributing to root cause identification, process improvement recommendations, and updates to CSSP playbooks and SOPs
#RCC-E
#J-18808-LjbffrNOTE / HINWEIS:
EN: Please refer to Fuchsjobs for the source of your application
DE: Bitte erwähne Fuchsjobs, als Quelle Deiner Bewerbung
EN: Please refer to Fuchsjobs for the source of your applicationDE: Bitte erwähne Fuchsjobs, als Quelle Deiner BewerbungStelleninformationen
Veröffentlichungsdatum:
19 Apr 2026Standort:
WiesbadenTyp:
VollzeitArbeitsmodell:
Vor OrtKategorie:
Erfahrung:
2+ yearsArbeitsverhältnis:
Angestellt
KI Suchagent
Möchtest über ähnliche Jobs informiert werden? Dann beauftrage jetzt den Fuchsjobs KI Suchagenten!
Diese Jobs passen zu Deiner Suche:
Junior Cyber Incident Manager (m/w/d)
Crawford & Company (Deutschland) GmbHVollzeit Düsseldorf
17 Apr 2026
Cyber Security Analyst (m/w/d)
Get In EngineeringVollzeit Offenbach
17 Apr 2026
Vollzeit Wiesbaden
18 Apr 2026
Vollzeit Wiesbaden
18 Apr 2026
Crawford & Company (Deutschland): Cyber Incident Manager / Technical Expert (m/w/d)
Crawford & Company (Deutschland) GmbHVollzeit WorkFromHome
18 Apr 2026
Vollzeit Wiesbaden
18 Apr 2026
Vollzeit Wiesbaden
18 Apr 2026
Cyber Incident Manager / Technical Expert (m/w/d)
Crawford & Company (Deutschland) GmbHVollzeit Düsseldorf
18 Apr 2026Development & IT