Cyber Incident Response Analyst OT​/ICS​/SCADA​/Act Security Clearance

Position: Cyber Incident Response Analyst with OT/ICS/SCADA / Travel & Act with Security Clearance
About Peraton Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace.

The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees solve the most daunting challenges that our customers face. Visit  to learn how we're keeping people around the world safe and secure. Program Overview About

The Role Peraton is currently seeking to hire an experienced Incident Response Analyst (ICS/OT/SCADA) for its' Federal Strategic Cyber group.

Location:

On-site in Arlington, VA
* Travel:
Approximately 40%
Peraton is seeking an experienced Incident Response Analyst with strong OT/ICS/SCADA expertise to support its Federal Strategic Cyber program. This role involves responding to cyber incidents across critical infrastructure sectors and working closely with technical teams, forensic analysts, and mission partners to safeguard national-level systems. In This Role, You Will:
* Respond to cybersecurity incidents across ICS, OT, and IT environments and provide recommendations to prevent recurrence within critical infrastructure sectors.

* Apply functional knowledge to resolve incidents, conduct proactive threat hunts, and contribute to solutions for problems of moderate scope and complexity.

* Support highly technical operations and forensic analysis while advising client decision-makers.

* Provide sector-specific expertise for one or more critical infrastructure areas, including Water, Power, Critical Manufacturing, and Transportation.

* Follow established procedures for incident response and escalation.

* Help define and refine response procedures for industrial control system environments.

* Apply traditional incident response and threat-hunting tradecraft to ICS/critical-infrastructure environments while accounting for operational constraints.

* Collaborate with host, network, and cloud forensic analysts to meet mission requirements for incident response and threat-hunting engagements.

* Maintain accurate documentation of incident response activities and findings.

* Prepare and deliver incident reports to management and stakeholders.

* Work effectively in a team environment and contribute to mission success.

* Stay current on cybersecurity trends to enhance hunt and response operations.

* Demonstrate strong attention to detail, critical thinking, and customer-service orientation.

* Self-teach and test new tools, methodologies, and techniques as needed.

* Meet on-site requirements of at least one day per week (up to three days depending on mission needs).

* Travel up to 40%.
Qualifications

Required Qualifications:

* Bachelor's degree and 5 years of relevant experience;
Master's degree and 3 years. An additional 4 years of relevant experience will be considered in lieu of a degree.

* Must have 1-2 years of relevant Threat Hunting or DFIR experience directly supporting Critical Infrastructure (CI) / ICS environments.

* Experience conducting security site assessments, including analysis of network security architecture, baseline ports/protocols/services, and asset characterization.

* Experience using SIEM tools for pattern identification, anomaly detection, and trend analysis.

* Experience analyzing ICS network protocols such as Mod Bus, ENIP/CIP, BACnet, DNP3, etc.

* Experience with common open-source and commercial tools used in event analysis, incident response, forensics, malware analysis, or security operations.

* Experience with host-based and network-based collection and detection tools (OSS/COTS).

* U.S. citizenship required.
* Active Top Secret security clearance.

* Ability to obtain a TS/SCI for continued employment.

* Ability to obtain and maintain a favorably adjudicated DHS background investigation.
Desired

Qualifications:

* Certifications such as GISCP, GCFA, GNFA, GRID, or OT sensor certifications.

* 2+ years of Threat Hunting or DFIR experience.

* Experience on DoD Cyber Protection Teams.

* Experience performing digital forensics on laptops/desktops, PLCs, HMIs, Historians, and SCADA systems.

* Experience with SIEM platforms (e.g., Splunk) including threat hunting, analytic development, dashboards, and reporting.

* Familiarity with critical-infrastructure frameworks (NIST, IEC 62443).

* Ability to automate repeatable tasks.

* Scripting experience in Python, Bash, Power Shell, and/or JavaScript.
SCA / Union / Intern Rate or Range Details Target Salary Range: $104,000 - $166,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and…