Location: Herndon, VA

Job ID: 5876

Capital TechSearch is seeking a Principal Security Analyst, Analysis & Response, to join the commercial global Security Incident Response Team, which is responsible for security event analysis, incident response, and related activities.


  • Operate independently in a geographically dispersed team, while maintaining situational awareness and keeping the team up to date
  • Perform security monitoring and incident response activities across the global networks, leveraging a variety of tools and techniques
  • Detect incidents through proactive hunting across security-relevant data sets
  • Thoroughly document incident response analysis activities
  • Review investigations conducted by more junior analysts to ensure quality standards are met
  • Develop new, repeatable methods for finding malicious activity across the global networks
  • Provide recommendations to enhance detection and protection capabilities
  • Regularly present technical topics to technical and non-technical audiences
  • Write high-quality incident reports for executives
  • Develop and follow detailed operational processes and procedures to appropriately analyze, escalate, and assist in the remediation of information security incidents
  • Prioritize multiple high-priority tasks and formulate responses/recommendations to customers and team members in a fast-paced environment
  • Provide assistance to other security teams
  • Continually develop new technical skills and push overall team capabilities forward
  • Mentor junior team members
  • Work with other teams on major engineering and architecture initiatives related to enterprise security


  • Bachelor's degree in Information Technology, Engineering, Cybersecurity or a related field
  • 7+ years of experience in Information Technology with at least 5 years of experience in Information Security
  • Experience working remotely full time or experience working with a geographically dispersed team
  • Hands-on experience in a Security Operations Center environment conducting network, host, or threat analysis
  • Experience analyzing raw log files, particularly logs from network or host-based security tools
  • Experience analyzing packet captures
  • Deep understanding of network defense principles, common attack vectors, and attacker techniques
  • Advanced technical skills and the ability to develop a mastery of network and host security technologies
  • Strong aptitude for continuous learning and growth
  • Experience with the Linux command line
  • Experience with at least two programming or scripting languages
  • Experience with the following technologies or concepts:
    • SIEM or other security/log management platforms
    • Host-based forensics analysis
    • Static and dynamic malware analysis
    • Email analysis
    • Regular expressions
    • IDS/IPS
    • Firewalls
    • Virtualization
    • Common TCP and UDP protocols

All candidates must be authorized to work in the USA

No remote

No c2c (corp-to-corp)

To be immediately and seriously considered for this exceptional opportunity please apply below. Your responses will be held in the strictest confidence.

Please call our office if you have any questions. Capital TechSearch, Inc. is an Equal Opportunity Employer.
