Incident Response Analyst - Motion Recruitment : Job Details

Incident Response Analyst

Remote Only

Contract

$40/hr - $60/hr

We are seeking a highly skilled Cybersecurity Incident Response Analyst with expertise in threat detection, incident handling, and operational security. The ideal candidate will have a proven track record as part of an incident response team, with the ability to integrate artificial intelligence and machine learning into security operations workflows to enhance detection, automation, and response capabilities.

Key Responsibilities:

• Serve as a core member of the Incident Response (IR) team, performing cybersecurity analysis, incident detection, investigation, containment, eradication, and recovery.

• Conduct root cause analysis, identify attack vectors, and develop recommendations to prevent recurrence.

• Develop and maintain incident response playbooks and standard operating procedures.

• Integrate AI/ML solutions into Security Operations Center (SOC) workflows to improve threat hunting, anomaly detection, and automated triage.

• Utilize and optimize security tools including Splunk , SentinelOne , Armis , and SNA for log analysis, endpoint detection, network monitoring, and asset visibility.

• Collaborate with SOC engineers, threat hunters, and vulnerability management teams to ensure seamless security operations.

• Provide after-action reports, threat intelligence integration, and executive briefings on incident trends.

• Stay current with evolving cyber threats, AI/ML advancements in security, and emerging incident response methodologies.

Required Qualifications:

• A minimum of eight (8) to twelve (12) years' relevant experience.

• A degree from an accredited College/University in the applicable field of services is required. If the individual's degree is not in the applicable field then four additional years of related experience is required.

• Solid understanding of cybersecurity principles, attack vectors, malware analysis, network forensics, and digital evidence handling.

• Proven work history in incident response roles.

• Hands-on experience with SIEM, EDR, and network security platforms (Splunk, SentinelOne, Armis, SNA).

• Strong knowledge of AI/ML applications in security operations, including model selection, tuning, and integration into existing workflows.

• Familiarity with MITRE ATT&CK framework, threat hunting techniques, and cyber kill chain concepts.

• Ability to work under pressure during active incidents and prioritize effectively in high-stress environments.

• Excellent communication skills for both technical and executive-level audiences.

Preferred Qualifications:

• Industry certifications such as GCIA, GCFA, GCIH, GNFA, or equivalent.

• Experience scripting or automating security processes (Python, PowerShell, etc.).

• Prior federal or government contracting experience.

You will receive the following benefits:

• Medical Insurance - Four medical plans to choose from for you and your family

• Dental & Orthodontia Benefits

• Vision Benefits

• Health Savings Account (HSA)

• Health and Dependent Care Flexible Spending Accounts

• Voluntary Life Insurance, Long-Term & Short-Term Disability Insurance

• Hospital Indemnity Insurance

• 401(k) including match with pre and post-tax options

• Paid Sick Time Leave

• Legal and Identity Protection Plans

• Pre-tax Commuter Benefit

• 529 College Saver Plan

TG Federal is an Equal Opportunity Employer. All applicants must be currently authorized to work on a full-time basis in the country for which they are applying, and no sponsorship is currently available. Employment is subject to the successful completion of a pre-employment screening. Accommodation will be provided in all parts of the hiring process as required under MRP's Employment Accommodation policy. Applicants need to make their needs known in advance.