Millennium Corporation

Incident Response Analyst Tier III

Job Location: US-DC-Washington, DC
Posted Date: 3 days ago (8/5/2022 3:45 PM)
Job ID: 2022-2257

Overview

For nearly two decades, Millennium Corporation has been operating on the leading edge of cybersecurity. Our elite team of more than 400 experts has an unparalleled record of performance supporting Red Team Operations, Defensive Cyber Operations, Software Engineering, and Technical Engineering. With the largest contingent of contracted Red Team operators in the DoD, we provide an unmatched level of threat intelligence and battle-tested experience for customers in both the DoD and federal civilian markets.

What We Believe

We believe that diversity is a fact, inclusion is a choice. At Millennium Corporation, we are inclusive. We celebrate multiple approaches and different points of view. We strongly believe that diversity drives innovation, and we are building a culture where differences are valued. We are always growing our programs and we offer tools to help our employees grow and manage their careers.

Millennium is an equal opportunity employer and does not discriminate or allow discrimination on the basis of race, color, religion, gender, age, national origin, citizenship, disability, veteran status or any other classification protected by federal, state, or local law. Millennium promotes affirmative action for women, minorities, disabled persons, LGBTQ+ and veterans.

Responsibilities

Millennium Corporation is hiring an Incident Response Analyst Tier III in Washington, DC. Candidates must have an active Top-Secret Clearance with eligibility to obtain SCI/CI Poly.

In support of a premier federal agency, we are looking to expand our industry-leading, high-impact Blue Team. The Blue Team consists of specialized cybersecurity professionals who perform intelligence/threat-based security assessments on critical systems, major applications, and networks to identify security risks, and who brief system owners on the potential impact of those risks to their mission. The Blue Team rapidly responds to cyber incidents on the agency's internal network to find the root cause, assess impact, and mitigate. Incident Responders follow NIST SP 800-61 guidelines and should have a specialty in one of the functions outlined in that publication.

The Incident Response Analyst will identify, isolate, investigate, inform, and implement measures to detect and protect data across a wide spectrum of sources and locations. The candidate is required to validate suspicious events or reports and determine whether the event constitutes an incident. The candidate will ensure incidents are properly entered into the appropriate reporting system and determine the severity of the incident.

  • Compiles and maintains internal standard operating procedure (SOP) documentation.
  • Provides network intrusion detection and monitoring, correlation analysis, incident response, and support for the Cybersecurity Service Provider (CSSP) and its subscriber sites.
  • Validates suspicious events or reports, determines whether the event constitutes an incident, and properly enters associated data into the appropriate reporting systems.
  • Provides 24x7 support for the CSSP's Incident Response capability during non-core business hours, consistent with CSSP requirements, as needed.
  • Performs network and host-based digital forensics on Microsoft Windows based systems and other operating systems as necessary to enhance response to, support of, and investigation into significant network incidents.
  • Possesses working knowledge of full packet capture (PCAP) analysis and accompanying tools (Wireshark, etc.).
  • Explores patterns in network and system activity via log correlation using Splunk and supplemental tools.
  • Possesses an understanding of IDS/IPS solutions, including signature development and implementation.
  • Participates in program reviews, product evaluations, and onsite certification evaluations.

Qualifications

  • Must have a Top-Secret Clearance
  • Bachelor's degree in Engineering, Physical Sciences, Physics, Network Security, Information Systems, Information Technology or Computer Science.
  • Experience in Cybersecurity Service Provider (CSSP) environment, Security Operations Center (SOC), or similar
  • At least one of the following certifications is desired: CASP+ CE, CCNA Cyber Ops, CCNA-Security, CEH, CFR, CHFI, CISA, CISSP (or Associate), Cloud+, CND, CSSLP, CySA+, GCFA, GCIA, GCIH, GICSP, GSNA, SCYBER, or SSCP
  • Knowledge of Incident Response Procedures
  • Knowledge of Packet Analysis
  • Knowledge of IDS/IPS solutions
  • Familiarity with Host-Based Analysis Tools
  • Experience with Log Aggregation Tools
  • Logical thinking and analytical ability
  • Verbal and written communication ability

Business Development

Assist with Business Development activities as required to support Millennium's strategic business objectives, which may include, but are not limited to, participation in technical interviews, creation of technical documentation, general proposal writing support, and proposal color reviews.

Physical Requirements

  • Must be comfortable with prolonged periods of sitting at a desk and working on a computer.
  • Must be able to lift up to 10-15 pounds at a time.
