About Peraton
Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees solve the most daunting challenges that our customers face. Visit peraton.com to learn how we’re keeping people around the world safe and secure.
About The Role
Peraton is seeking to hire an experienced Incident Handling Analyst for its Regional Cyber Center-Europe program
Location: On-site, Wiesbaden, Germany
Responsibilities:
- Monitor security event feeds across IDS/SIEM platforms, reviewing alerts and identifying events requiring escalation or incident declaration in accordance with CSSP procedures
- Triage incoming security alerts, applying analytical judgment to distinguish true positives from false positives and prioritizing response actions based on threat severity and mission impact
- Coordinate incident response actions across internal CSSP teams, network operations, and mission owners, ensuring timely containment and eradication of identified threats
- Document all incidents comprehensively from initial detection through resolution, capturing timelines, evidence, analyst actions, and lessons learned in the incident management system
- Maintain and update incident tracking systems (e.g., TheHive, ServiceNow) to ensure accurate status reporting, SLA compliance, and audit-ready records for all security events
- Support post-incident analysis and after-action reviews, contributing to root cause identification, process improvement recommendations, and updates to CSSP playbooks and SOPs
#RCC-E
Qualifications
Required:
- Bachelor’s degree (STEM/Business Admin)and a minimum of 5 years of cybersecurity or incident response experience, or an associate’s degree with a minimum of 7 years of relevant experience; or 11 years of relevant experience in lieu of the bachelors degree
- Must meet TESA Qualification
- DoD 8140 - Cybersecurity (Cyber Defense Incident Responder) - Intermediate
- Certifications — must hold active certifications (one of the following):
- Cisco CyberOps Professional; OR
- SANS (any GIAC certification); OR
- Microsoft Certified: Security Operations Analyst Associate; OR
- Blue Team Level 1; OR
- OSDA (Offensive Security Defense Analyst)
- U.S. citizenship required
- Active DoD TS/SCI clearance or higher
Preferred:
- Experience with TheHive or similar case management platforms for structured incident tracking
- Familiarity with ServiceNow IT Service Management for ticketing and SLA management
- Proficiency with Elastic Stack or Splunk for security event correlation and investigation
- Working knowledge of NIST SP 800-61 Computer Security Incident Handling Guide
- Experience with digital forensics tools (e.g., FTK, Autopsy, Volatility) for evidence collection
- Familiarity with MITRE ATT&CK framework for TTP mapping during incident analysis
- Understanding of network protocols and traffic analysis to support incident scoping
- Experience developing or refining incident response playbooks and standard operating procedures
Details
Target Salary Range: $104,000 - $166,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual’s experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.
Benefits Statement:
Peraton offers eligible employees a variety of benefits including medical, dental, vision, life, health savings account, short/long term disability, EAP, parental leave, 401(k), paid time off (PTO) for vacation, and company paid holidays. A full listing of available benefits can be viewed at <a href="https://www.careers.peraton.com/benefits" target="_blank" rel="noopener">https://www.careers.peraton.com/benefits.
Application Duration Statement:
The application period for the job is estimated to be 30 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates.
EEO: Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.
