SOC Incident Response Analyst I

Req ID : RQ207914

Type of Requisition : Regular

Clearance Level Must Be Able to Obtain : None

Public Trust / Other Required : MBI (T2)

Job Family : Cyber and IT Risk Management

Skills :

Incident Handling,Incident Response,Security Tools,Wireshark

Experience :

1 + years of related experience

US Citizenship Required :

Yes

Job Description :

We are seeking a motivated Incident Response SOC Analyst I to join our SOC team. In this entry-to-mid-level role, you will work under the guidance of senior analysts to monitor security telemetry, triage alerts, perform initial investigations, and assist with containment and remediation activities. This is an excellent opportunity to grow your skills in incident response, threat hunting, forensics, and security tooling.

This is a hybrid position, candidates must reside in the DC metropolitan area and be open to working either day or evening shifts

Key Responsibilities

Monitor and triage security alerts from SIEM, EDR, IDS / IPS, and other security telemetry sources.

Conduct initial incident validation, categorize incidents, and determine severity levels.

Perform basic to intermediate incident response activities, including containment, eradication, and recovery steps under supervision.

Gather and preserve digital evidence following standard operating procedures and chain-of-custody requirements.

Collaborate with IT and security teams to apply mitigations, patches, and configuration changes.

Document investigation steps, findings, and remediation actions in incident tickets.

Participate in post-incident reviews (PIR) and help develop lessons learned.

Respond to on-call rotations as required.

Expand knowledge of MITRE ATT&CK, common attack techniques, and security best practices.

Assist with monitoring and improving SOC processes, playbooks, and runbooks.

Required Qualifications

Bachelor's degree in Computer Science, Information Security, Cybersecurity, or a related field

Minimum 1 year of professional experience in cyber incident response

Foundational knowledge of cyber security concepts, such as incident handling lifecycle, threat intelligence, and basic forensics.

Familiarity with security tools (SIEM, EDR, SOAR, threat intel feeds) and basic incident response workflows.

Hands-on experience with SIEM (e.g., Splunk, QRadar, ArcSight), EDR (e.g., CrowdStrike, Defender, SentinelOne), and basic SOAR concepts.

Experience with incident response tooling, digital forensics, and evidence handling.

Understanding of networking fundamentals (TCP / IP, DNS, HTTP / S, VPNs, firewalls).

Strong analytical and problem-solving skills with a structured, methodical approach.

Excellent written and verbal communication; ability to produce clear incident reports and documentation.

Ability to work in a fast-paced environment and participate in on-call rotations (as needed).

Commitment to continuous learning and professional growth in cybersecurity.

Preferred Qualifications

Relevant certifications (e.g., CompTIA Security+, CEH, SANS GCIH, GIAC GCIA, or equivalent).

Knowledge of MITRE ATT&CK framework and common attacker techniques.

Familiarity with cloud security concepts (AWS / Azure / GCP) and cloud incident response considerations.

Scripting or automation skills (PowerShell, Python, Bash) a plus.

GDIT IS YOUR PLACE

At GDIT, the mission is our purpose, and our people are at the center of everything we do.

• ? Growth : AI-powered career tool that identifies career steps and learning opportunities
• ? Support : An internal mobility team focused on helping you achieve your career goals
• ? Rewards : Comprehensive benefits and wellness packages, 401K with company match, and competitive pay and paid time off
• ? Community : Award-winning culture of innovation and a military-friendly workplace

OWN YOUR OPPORTUNITY

Explore a career in cyber at GDIT and you'll find endless opportunities to grow alongside colleagues who share your focus on defending and protecting what matters.

The likely salary range for this position is $72,250 - $97,750. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.

Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work / life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.

We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50 countries worldwide, offering leading capabilities in digital modernization, AI / ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.

Join our Talent Community to stay up to date on our career opportunities and events at

Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans