Job ID: 7339
Date Posted: April 7, 2026
Space Dynamics Laboratory (SDL) is seeking a highly skilled Cybersecurity Analyst - Incident Response Lead to join our Corporate Information Security team. The selected candidate will serve as the technical lead for incident response and forensic investigations, supporting SDL's mission to protect critical information systems in support of national defense and space operations.
As a key member of the Cybersecurity Operations team, this individual will lead the detection, analysis, containment, and remediation of cybersecurity incidents, while advancing SDL's incident response and forensic capabilities.
If you thrive in high-tempo environments, have deep technical expertise, and are passionate about defending mission-critical systems, we encourage you to apply.
As a trusted partner in national defense and space exploration, SDL offers a dynamic, mission-driven environment where your expertise will directly contribute to critical security initiatives. If you thrive in high-stakes, team-oriented settings and have a passion for cybersecurity compliance, risk management, and audit excellence, we want to hear from you!
Key Responsibilities:
Leads end-to-end incident response activities, including identification, containment, eradication, and recovery
Serves as the technical lead during security incidents, coordinating across IT, Cybersecurity Engineering, Governance, Risk and Compliance (GRC), and leadership
Develops and maintains incident response playbooks and procedures
Conducts and leads incident response exercises and tabletop scenarios
Performs host-based, network-based, and log-based forensic analysis
Preserves evidence in accordance with legal and regulatory requirements
Conducts root cause analysis and produces detailed forensic reports
Supports internal investigations and external reporting requirements
Analyzes alerts from SIEM, EDR, EPP, and other tools to identify potential threats
Correlates logs across multiple data sources to identify attack patterns and indicators of compromise (IOCs)
Conducts threat hunting activities to proactively identify adversary behavior
Integrates threat intelligence into detection and response processes
Develops and refines detection use cases and alerting logic
Recommends and implements improvements to incident response processes and tooling
Automates response workflows where feasible
Tracks metrics and performance of incident response capabilities
Coordinates with GRC teams to ensure incidents are properly documented and aligned with compliance requirements
Communicates incident status, impact, and remediation actions to stakeholders
Supports CMMC assessment activities related to incident response and logging
Required Qualifications (Must-Have Skills and Education):
5+ years of experience in cybersecurity, with a focus on incident response and/or security operations
Bachelor's degree in cybersecurity, information assurance, computer science, MIS, engineering, or a related field (or additional 5 years of experience)
Relevant certification (e.g., CySA+, GCIA, GCIH, CISSP)
Hands-on experience with: incident response processes and frameworks (e.g., NIST SP 800-61); SIEM platforms (e.g., Splunk, Microsoft Sentinel); Endpoint Detection and Response (EDR) tools; log analysis and event correlation
Experience conducting forensic investigations (disk, memory, or network)
Strong understanding of attacker tactics, techniques, and procedures (TTPs)
Ability to analyze and interpret Indicators of Compromise (IOCs)
Strong analytical and problem-solving skills
Excellent written and verbal communication skills
Must be a U.S. citizen with the ability to obtain and maintain a U.S. Government... For full info follow application link.
EOE including Disability and Vet