1

Incident Analyst Jobs (NOW HIRING)

Excellent analytical and organizational skills and the ability to work with multiple geographically dispersed teams. Basic knowledge on F5 Load Balancers and Juniper Netscreen Firewalls ...

Incident Management Analyst Role summary Supports the Incident Management manager by coordinating incident communications, documentation, metrics reporting, RCA artifact collection, and corrective ...

Excellent analytical and organizational skills and the ability to work with multiple geographically dispersed teams. Basic knowledge on F5 Load Balancers and Juniper Netscreen Firewalls ...

Incident Management Analyst Role summary Supports the Incident Management manager by coordinating incident communications, documentation, metrics reporting, RCA artifact collection, and corrective ...

next page

Showing results 1-20

Incident Analyst information

See salary details

$19

$38

$62

How much do incident analyst jobs pay per hour?

As of Jul 14, 2026, the average hourly pay for incident analyst in the United States is $38.31, according to ZipRecruiter salary data. Most workers in this role earn between $28.85 and $43.51 per hour, depending on experience, location, and employer.

What is the role of an incident analyst?

An incident analyst is responsible for identifying, investigating, and resolving security incidents or system issues within an organization. They analyze data, use security tools, and document findings to prevent future incidents and improve response strategies. Strong analytical skills and knowledge of cybersecurity or IT systems are essential for this role.

What are the key skills and qualifications needed to thrive as an Incident Analyst, and why are they important?

To thrive as an Incident Analyst, you need a solid understanding of IT systems, incident management processes, and analytical problem-solving, often supported by a degree in computer science or certifications like ITIL or CompTIA Security+. Familiarity with incident tracking systems, SIEM tools, and ticketing platforms is typically required. Strong communication, attention to detail, and the ability to remain calm under pressure are standout soft skills for this role. These skills ensure swift and effective response to incidents, minimizing business impact and maintaining organizational security.

How does an Incident Analyst typically interact with other IT teams during a major incident?

During a major incident, an Incident Analyst acts as a central point of coordination between various IT teams such as network operations, application support, and security. They facilitate communication, gather updates, and ensure that all teams have the information needed to resolve the issue efficiently. This role often involves organizing conference calls, documenting actions taken, and escalating problems when necessary. Effective collaboration and clear communication are critical skills, as the Incident Analyst helps drive the incident toward resolution while minimizing business impact.

What is the difference between Incident Analyst vs Security Analyst?

AspectIncident AnalystSecurity Analyst
Required CredentialsCertifications like CompTIA Security+, incident response trainingCertifications like CISSP, Security+, CEH
Work EnvironmentIT teams, incident response centers, corporate environmentsSecurity operations centers, IT security teams, corporate and government sectors
Employer & Industry UsageUsed across industries for incident management and responsePrimarily in cybersecurity, finance, government, and tech sectors
Common Search & ComparisonOften compared for incident handling rolesCompared for cybersecurity and threat management roles

While both Incident Analysts and Security Analysts work within IT and security environments, Incident Analysts focus on managing and responding to specific incidents, such as system outages or data breaches. Security Analysts have a broader role in protecting organizational assets from cyber threats, often requiring advanced security certifications. Understanding these differences helps organizations assign the right roles for effective incident response and security management.

Is SOC an entry-level job?

A Security Operations Center (SOC) analyst role is often considered entry-level or early-career, especially for those with foundational knowledge of cybersecurity, network monitoring, and incident response. However, some SOC positions require prior experience or certifications like CompTIA Security+ or CISSP, and responsibilities can vary based on the organization and team structure.

What are Incident Analysts?

Incident Analysts are professionals responsible for identifying, investigating, and managing incidents that disrupt normal operations within an organization, particularly related to IT systems and cybersecurity. They monitor systems for unusual activity, assess the severity of incidents, and coordinate responses to mitigate risks and restore services. Incident Analysts also document incidents, analyze root causes, and recommend improvements to prevent future occurrences. Their work is essential for maintaining the security and reliability of an organization's technology infrastructure.

What Does an Incident Analyst Do?

An incident analyst works to investigate cybersecurity or computer network-related incidents. Your job duties in this career include working to diagnose issues related to each event. You usually document your efforts and report on your findings. Your employers then expect you to develop and implement strategies to handle (or avoid) similar incidents in the future. Your responsibilities could include working to monitor current networks/systems and examining security practices and procedures to find areas for operational improvement.

What jobs make $3,000 a day?

Incident Analysts typically do not earn $3,000 a day; such high daily earnings are more common in executive, consulting, or specialized financial roles. High-paying jobs in cybersecurity, investment banking, or executive management can reach or exceed this level, often requiring extensive experience, certifications, or a high level of responsibility. Most roles with such earnings are rare and usually involve significant risk or expertise.

What does an incident analyst do?

An incident analyst is responsible for identifying, investigating, and resolving security incidents or system issues within an organization. They analyze data from security tools, document incidents, and recommend corrective actions to prevent future problems, often using tools like SIEM systems. Strong analytical skills and knowledge of cybersecurity principles are essential for this role.
What cities are hiring for Incident Analyst jobs? Cities with the most Incident Analyst job openings:
Who are the top companies hiring for Incident Analyst jobs? The top employers for Incident Analyst jobs are:
What states have the most Incident Analyst jobs? States with the most job openings for Incident Analyst jobs include:
Infographic showing various Incident Analyst job openings in the United States as of July 2026, with employment types broken down into 1% Locum Tenens, 1% Internship, 86% Full Time, 6% Part Time, 1% Temporary, and 5% Contract. Highlights an 82% Physical, 5% Hybrid, and 13% Remote job distribution, with an average salary of $79,692 per year, or $38.3 per hour.
Junior Cyber Incident Analyst - Notification Specialist

Junior Cyber Incident Analyst - Notification Specialist

Peraton

Arlington, VA • On-site

$80K - $128K/yr

Full-time

Re-posted 16 days ago


Peraton rating

8.3

Company rating: 8.3 out of 10

Based on 56 frontline employees who took The Breakroom Quiz

42nd of 210 rated it services


Job description

Responsibilities

Peraton is currently searching for a Junior Cyber Incident Analyst - Notification Specialist - for our Federal Strategic Cyber program.  

 

Location: On site in Arlington, VA

 

In this position, you will:

  • Serve as the Notification Specialist monitoring and reviewing multiple data sources, including intelligence, media, and law enforcement reporting, to identify cybersecurity incidents, threats, and vulnerabilities on behalf of CISA.
  • Provide classified and unclassified cyber risk briefings and activity updates, to include but not limited to civilian government agencies and community stakeholders.
  • Manage incident triage and coordination with analysis and detection sections to identify and analyze technology and cyber impacts to IT assets and network infrastructure (LAN/WAN), including applying security controls and ensuring proper incident management and coordination.
  • Apply MITRE ATT&CK framework knowledge to map observed adversary behaviors, techniques, tactics, and procedures (TTPs) during incident triage and analysis, supporting accurate threat characterization and reporting.
  • Conduct on-site IP triage activities to identify and attribute ownership of IP addresses involved in incidents, leveraging WHOIS, ARIN/RIPE/APNIC registries, passive DNS, and other OSINT tools to support accurate scoping and stakeholder notification.
  • Organize, support, and manage the containment, investigation, and remediation efforts regarding incidents.
  • Perform quality assurance of targeted notifications ticket actions and ticket submissions.
  • Monitor, respond, and catalog targeted notification section emails as applicable.
  • Submit tickets as necessary to assist with keeping the triage console free of backlogs.
  • Support incident response engagements and partner with other incident response teams in maintaining an understanding of threats, vulnerabilities, and exploits that could impact client networks and assets.
  • May be required to coordinate with external organizations, authorities, and senior-level leadership.
  • Utilize excellent communication skills - both verbal and written - to interface with a variety of stakeholders.
Qualifications

Minimum Requirements:  LU

  • Bachelor's degree and a minimum of 3 years of experience.
    • An additional 4 years of experience may be substituted in lieu of degree.
  • Demonstrated understanding of cyber-attacks and how they impact IT systems.
  • Working knowledge of the MITRE ATT&CK framework, including the ability to identify and map adversary TTPs to ATT&CK tactics and techniques during incident triage and reporting.
  • Demonstrated experience performing IP triage and ownership attribution, including use of WHOIS lookups, Regional Internet Registry (RIR) databases (ARIN, RIPE, APNIC), passive DNS analysis, and related OSINT methodologies to identify IP address owners and associated infrastructure.
  • U.S. Citizenship required.
  • Active Top Secret security clearance with the ability to obtain a TS/SCI.
    • In addition, the selected candidate must be able to obtain and maintain a favorably adjudicated DHS background investigation (EOD) for continued employment.

 

Preferred:

  • DHS Suitability at the SCI level.
  • Help Desk / Call Center experience supporting end-users.
  • Experience using Shodan for system data analytics to identify vulnerable systems.
  • Familiarity with MITRE ATT&CK Navigator for threat visualization, layer creation, and adversary emulation planning.
  • Experience with IP intelligence platforms (e.g., Shodan, Censys, VirusTotal or similar) to enrich IP triage findings and support on-site attribution workflows.
  • Relevant certifications such as CompTIA CySA+, Security+, CEH, or equivalent demonstrating foundational knowledge of threat analysis and incident response methodologies.
Peraton Overview

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can't be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we're keeping people around the world safe and secure.

Target Salary Range$80,000 - $128,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual's experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.EEOEEO: Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.Employment Type: FULL_TIME

What Peraton employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom


Peraton logo

About Peraton

Sourced by ZipRecruiter

At Peraton, we re at the forefront of delivering the next big thing every day. We re the partner of choice to help solve some of the world s most daunting challenges, delivering bold, new solutions to keep people around the world safer and more secure.

Industry

It services

Company size

10,000+ Employees

Headquarters location

Herndon, VA, US

Year founded

2017