Cyber Incident Responder

  • Location: Little Canada, Minnesota
  • Type: Contract
  • Job #104301

Job Title: Cyber Incident Responder
Contract Duration: 1 year, possible extension
Location: St. Paul, MN
Work Arrangement: Onsite
Pay Range: $42.00-$47.00/hour

Primary Job Function

  • Responsible for investigating, analyzing, and responding to security incidents across the organization's environment.
  • Leads or executes complex incident response activities and adapts standard procedures to evolving threats.
  • Plays a critical role in protecting the organization's technology assets by identifying, analyzing, and responding to cybersecurity threats that may result in unauthorized access, misuse, or disruption of services.

Core Job Responsibilities

  • Monitor security alerts and events from various tools (SIEM, EDR, IDS/IPS, etc.) to identify potential incidents.
  • Perform triage, correlation, and in-depth analysis of security events, including indicators of compromise (IOCs), malware activity, phishing attempts, and suspicious network behavior.
  • Conduct forensic analysis on systems, networks, and endpoints to determine root cause and scope of incidents.
  • Develop and implement response strategies to mitigate immediate threats and prevent recurrence.
  • Support the implementation, tuning, and monitoring of security tools such as SIEM, EDR, firewalls, and intrusion detection systems.
  • Ensure security controls are effectively detecting and preventing malicious activity.
  • Validate and enhance alerting mechanisms to reduce false positives and improve detection accuracy.
  • Document incidents thoroughly, including timelines, impact assessments, and remediation actions.

Position Accountability & Scope

  • Accountable for timely detection, analysis, and response to cybersecurity incidents to minimize organizational risk and business disruption.
  • Works under moderate supervision but exercises independent judgment when handling incidents and escalating issues.
  • Responsible for maintaining the confidentiality, integrity, and availability of organizational systems and data.
  • Collaborates cross-functionally with IT, network, security engineering, and business teams during incident response activities.
  • Contributes to continuous improvement of incident response processes, playbooks, and detection capabilities.
  • Ensures compliance with internal security policies, standards, and regulatory requirements.

Minimum Education

  • Bachelor’s degree in Information Technology or similar area; or equivalent work experience.

Minimum Experience/Training

  • 3 years of technical experience in a Security Operations Center (SOC), incident response, or cybersecurity-related role.
  • Demonstrated experience with security monitoring and investigation tools (e.g., SIEM such as Splunk, EDR platforms, email security tools).
  • Strong understanding of network protocols, operating systems, enterprise security controls and frameworks such as MITRE ATT&CK.
