Skip to main content
Skip to footer
Apply Now

Ops Watch- Incident Response Analyst

North Charleston, South Carolina, United States

Information Technology

Job Description

As an Incident Response Analyst, you will identify, isolate, investigate, inform, and implement measures to detect and protect data across a wide spectrum of sources and locations in support of the customer. You will validate suspicious events or reports and determine if the event constitutes an incident. You will ensure incidents are properly entered into the appropriate reporting system and determine the severity of the incident.
Back to Description

Because It's Personal

Time: 2:57

Engineering & Technology

Innovation occurs everywhere but maybe you are also looking for a purpose. Nothing is more impactful than improving the health of others. Develop cutting edge technologies that have real meaning.

About Engineering & Technology

Additional Information

Virtual Eligible Job No
Relocation Assistance Available for this Job: Yes - Domestic/Regional


Basic Qualifications

  • At least 6 years total combined higher education and related work experience; including:
    • At least 1 year information systems security work experience
    • At least 5 years higher education and/or additional work experience directly related to the duties of the job; including:
      • Bachelor’s in: Information Systems, Information Security, Computer Science, Computer Engineering, Software Engineering, Mathematics
  • Receipt of the appropriate government security clearance card applicable for your position
  • Due to the client contract you will be assigned, this position requires you to be a U.S. citizen

Preferred Qualifications
  • Minimum Secret Clearance required with upgrade to TS-SCI
  • Knowledge of incident response and handling methodologies.
  • Skill in protecting a network against malware. (e.g., NIPS, anti‐malware, restrict/prevent external devices, spam filters)
• Ability to apply techniques for detecting host and network‐based intrusions using intrusion detection technologies
• Knowledge of Packet Analysis
• Knowledge of IDS/IPS solutions
• Familiarity with various Host-Based Tools
• Experience with Log Aggregation Tools
• Knowledge of DOD and DHS Incident Response policies and procedures
• Experience with Digital Forensics
• Ability to solve problems independently

• Validates suspicious events or reports and determine if the event constitutes an incident and properly enter associated data into the appropriate reporting systems.
• Coordinates with supported and governing entities regarding significant incidents to ensure proper analysis is performed and timely and accurate reporting of the incident is completed.
• Provides 24x7 support for the clients Incident Response capability during non-core business hours consistent with requirements as needed.
• Performs network and host-based digital forensics on Microsoft Windows based systems and other operating systems as necessary to enhance response to, support of, and investigation into significant network incidents.
• Possesses working knowledge of full packet capture analysis and accompanying tools (Wireshark, etc.).
• Explores patterns in network and system activity via log correlation using supplemental tools
• Possesses understanding of IDS/IPS solutions to include signature development

  • Due to the nature of the work required, operations are conducted 24/7/365 with three primary shifts. Choice of shifts will be made available with the understanding that placement is at the discretion of the CSSP Services Director and/or assigned manager.
  • Willing to work additional or irregular hours as needed and allowed by local regulations
  • Work in accordance with corporate and organizational security policies and procedures, understand personal role in safeguarding corporate and client assets, and take appropriate action to prevent and report any compromises of security within scope of position
  • Perform other responsibilities as assigned
  • Must be able to obtain and maintain 8570 Classification IAT –II & CSSP Incident Responder or Analyst Category certification

Applicants for U.S.-based positions with Cerner must be legally authorized to work in the United States. Verification of employment eligibility will be required at the time of hire.

Due to specific client contract requirements, this position requires that the successful candidate be a U.S. citizen. The client contract also requires receipt of the appropriate government security clearance card applicable for the position.

As of December 8, 2021, as a condition of employment, all US-based employees must be fully vaccinated against COVID-19 unless a medical or religious exemption is approved.

Some Cerner positions may be obligated to comply with additional client-facing requirements and occupational health requests, including but not limited to, an immunization set, an annual flu shot, an annual TB screen, an updated background check, and/or an updated drug screen.

Cerner is a place where people are encouraged to innovate with confidence and focus on what is important – people’s health and the care they receive. We are transforming health care by developing tools and technologies that make it more efficient for care providers and patients to navigate the complexity of our health. From single offices to entire countries, Cerner solutions are licensed at more than 25,000 facilities in over 35 countries.

Cerner’s policy is to provide equal opportunity to all people without regard to race, color, religion, national origin, ancestry, marital status, veteran status, age, disability, pregnancy, genetic information, citizenship status, sex, sexual orientation, gender identity or any other legally protected category. Cerner is proud to be a drug-free workplace.

EEO is the Law (English)
E-Verify Participation (English)
Right to Work (English)

EEO is the Law (Spanish)
E-Verify Participation (Spanish)
Right to Work (Spanish)

If you are an individual with a disability who is unable to use our online tools to search and apply for jobs, and need assistance or an accommodation in the recruiting process, please contact us by calling 866-434-1543 or by emailing

Related Positions

System Engineer II - Capital Region Medical Center

As a System Engineer II, you will provide system implementation, support, monitoring, and maintenance...

System Engineer II - Capital Region Medical Center

System Engineer II - MCH

Medical Center Hospital (MCH) and Cerner have a highly aligned mission, vision, and values which makes...

System Engineer II - MCH

System Engineer I - MCH

Medical Center Hospital (MCH) and Cerner have a highly aligned mission, vision, and values which makes...

System Engineer I - MCH