top of page

Security Incident Analyst Level 4 104-033


See a complete list of our open positions

Apply at the Bottom of the Page

IC-CAP LLC is a Woman Owned / HUBZone Small Business working in the Department of Defense and Intelligence Community.  We are always looking for highly talented, energetic, and dynamic professionals that are interested in protecting the defense of our nation.  

Some of the positions are future positions.  Please look at the opening line of the job description to determine if this is an open or future position.


Our positions are not remote unless stated in the job description below.

We are looking to fill this position at the following location(s):

    Bolling AFB, Washington D.C

Job Description

Security Incident Analyst Level 3:

Job Description:

You'll have the opportunity to build strong lines of cyber defense using cutting-edge technologies. Your work in cyber security will have an impact on securing our clients' missions and ensuring we anticipate the threats of tomorrow. The Security Incident Analyst (SIA) is responsible for the mitigation of security incidents on DIA information systems. The SIA investigates incidents involving information technology (IT) assets and DIA personnel to the DIA Computer Network Defense Center (DCNDC) and Information Systems Security Managers (ISSM) for situational awareness and tracking purposes. SIA then manages, coordinates, and reports mitigation actions in order to sanitize agency assets prior to resolving cases. 

This position has alternate locations of Reston, VA and Colorado Springs, CO.

Level 4:

  • Investigates, analyzes, and responds to cyber incidents within a network environment or enclave.\Uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threats.

  • Interprets, analyzes, and reports all events and anomalies in accordance with computer network directives, including initiating, responding, and reporting discovered events.

  • Evaluates, tests, recommends, coordinates, monitors, and maintains cybersecurity policies, procedures, and systems, including access management for hardware, firmware, and software.

  • Ensures that cybersecurity plans, controls, processes, standards, policies, and procedures are aligned with cybersecurity standards.

  • Identifies security risks and exposures, determines the causes of security violations and suggests procedures to halt future incidents and improve security.

  • Researches and evaluates new concepts and processes to improve performance. 

  • Analyzes cross-functional problem sets, identifies root causes and resolves issues.

  • Develops techniques and procedures for conducting cybersecurity risk assessments and compliance audits, the evaluation and testing of hardware, firmware and software for possible impact on system security, and the investigation and resolution of security incidents such as intrusion, frauds, attacks or leaks.

  • May coach and provide guidance to less-experienced professionals.

  • May serve as a team or task lead.


  • Manage network computer and system security incidents relating to data spills, misclassifications, unauthorized software downloads, system misconfigurations, crossdomain violations, etc. 

  • Perform incident investigation and analysis to research and gather information for mitigation coordination. 

  • Utilize cyber and case management tools. 

  • Prepare case evidence and incident reports. 

  • Provide training and guidance to less-experienced technical staff members, and customer education to network users. 

  • Work on special projects as assigned. 


  • Preferred Skills: Splunk, Proofpoint, Fidelis, Solera, Windows, and Linux Operating Systems.  

Education and Experience:

  • HSD/GED+10yrs

  • Associates+8yrs

  • Bachelors+6yrs

  • Masters+4yrs

  • PhD+2yrs

  • NOTE:  Relevant professional certifications will be considered   equivalent to six (6) months of relevant experience.

Training and Certifications:

  • DoD Approved Baseline 8570 IAT level III (CASP, CISSP, CISA, etc.) and DoD Approved Baseline 8570 CSSP Auditor (CEH, CySA, CISA, etc.) certifications are required prior to start date.

Security Clearance:

  • DoD Approved Clearance and Poly


You are applying for the position of 
Security Incident Analyst Level 4 104-033
Upload Your Resume
bottom of page