Refer Me

Get ReferralsAI ApplyTailor ResumeFor YouPremium
Sign in
Agile Defense

Agile Defense

--

--

Government Defense

Cyber Security Incident Response Analyst – Intermediate

Fort Huachuca, AZ, US

Posted on Jan 26, 2026

RegularMid LevelOn SiteCybersecurity

Job Description

At Agile Defense we know that action defines the outcome and new challenges require new solutions. That’s why we always look to the future and embrace change with an unmovable spirit and the courage to build for what comes next.

Our vision is to bring adaptive innovation to support our nation's most important missions through the seamless integration of advanced technologies, elite minds, and unparalleled agility—leveraging a foundation of speed, flexibility, and ingenuity to strengthen and protect our nation’s vital interests.

Requisition #: 1389
Job Tittle: Cyber Security Incident Response Analyst – Intermediate
Location: Ft. Huachuca, AZ
Clearance: Secret
Required Certifications
Candidates must possess one of the following certifications prior to start date:
· CompTia Security+, Certified Ethical Hacker (CEH), CYSA+


Summary
We are looking for a skilled and proactive Incident Handler to join our 24x7 security operations team. The ideal candidate will be instrumental in protecting our organization by independently identifying, analyzing, and responding to cybersecurity incidents. This role requires a strong background in cyber security, 2-4 years of hands-on experience with incident response methodologies, and proficiency with tools like SIEM and EDR. You will manage the full lifecycle of security incidents, from detection to resolution, and contribute to the refinement of our defensive playbooks. Experience with Enterprise, Military or Department of War (DOW) operational environment is strongly desired.

Key Responsibilities
The Incident Handler will perform essential functions including, but not limited to:
· Incident Lifecycle Management: Independently manage the full lifecycle of low to medium-severity security incidents, beginning with the continuous monitoring and triage of alerts from SIEM and EDR tools, and proceeding through containment, eradication, and recovery.
· Log and Endpoint Analysis: Conduct detailed analysis of logs from various sources, including network devices, servers, and applications, as well as endpoint data from EDR platforms to investigate security events.
· Containment and Remediation: Utilize security tools to contain active threats, such as isolating endpoints or blocking malicious IP addresses. Execute and verify remediation steps to resolve the incident.
· Playbook Execution and Refinement: Execute complex incident response playbooks and provide constructive feedback to senior handlers for the refinement and improvement of current procedures.
· Reporting: Create clear and comprehensive incident reports detailing the timeline of events, investigative steps, root cause analysis, and actions taken to resolve the incident.


Required Qualifications
· Experience: Minimum of 2-5 years of experience in a dedicated incident response, security operations center (SOC), or closely related cybersecurity role.
· A bachelor’s degree in cyber security or related field can replace experience requirements.
· Core Knowledge: Strong understanding of the incident response lifecycle (e.g., NIST framework), common attack vectors, and foundational network and endpoint forensics.
· Tool Experience: Hands-on experience investigating and responding to threats using Security Information and Event Management (SIEM) and Endpoint Detection and Response (EDR) platforms.
· Skills: Proven analytical and problem-solving abilities, with a capacity to work independently on incidents of varying complexity.
· Communication: Excellent communication skills, with demonstrated ability to write clear, concise incident reports and collaborate effectively with other technical teams.
· Environment: Proven ability to work in a fast-paced 24x7 security operations environment, effectively managing and prioritizing multiple incidents.
· Clearance: Must be able to obtain and maintain a Secret security clearance.

Required Certifications
Candidates must possess one of the following certifications prior to start date:
· CompTia Security+, Certified Ethical Hacker (CEH), CYSA+

Preferred Qualifications (A Strong Plus)
· Military/DoD Experience: Familiarity with U.S. military policies, procedures, and organizational structures.
· Cyber Security Controls: Foundational understanding of cybersecurity controls and the importance of adhering to security policies in a professional environment.
· Network Analysis: Basic experience reviewing network activity logs and an understanding of common network protocols (e.g., DNS, HTTP, SMB).
· Endpoint Security: Familiarity with reviewing security events from standard endpoint platforms (e.g., antivirus, host firewalls).
· Tool Familiarity: Exposure to or academic experience with some of the following tools:
· A SIEM platform (e.g., Splunk, Kibana, Sentinel)
· MDE EDR platform and or KQL
· ServiceNow or another ticketing system
· Linux Command Line

About Agile Defense

"Listen. Think. Innovate."​

Our goal is to innovate alongside our customers to transform their operations using IT.

We support significant agency programs and work to partner with our customers to deliver quality and innovative IT solutions with our “Listen. Think. Innovate.” philosophy. Our customers include the US Department of Defense and US civil agencies, including Department of State and the Department of Interior.

Let us know how we can bring our innovation approaches and...

Job overview

Employment type

Regular

Experience level

Mid Level

Work type

On Site

Department

Cybersecurity

Posted

on Jan 26, 2026

About

Job Link

jobs.lever.co

Financials

Type

private

Annual Revenue

--

Market Cap

--

Amount Raised

--

Subscribe to Refer Me premium to get referred to this role at Agile Defense!

Your career is worth investing in.

Get unlimited referrals with Premium.

Upgrade to Premium

Refer Me logo

Refer Me

Referrals

Get Referred

Subscription

© 2026 Crucible Fund LLC. All rights reserved.