... NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incident - Knowledge of general attack stages (e.g., foot printing and scanning, enumeration, gaining access ...
... NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incident - Knowledge of general attack stages (e.g., foot printing and scanning, enumeration, gaining access ...
Action Officer
Arlington, VA · On-site
Knowledge of the NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incident. * Knowledge of general attack stages (e.g., foot printing and scanning, enumeration ...
Action Officer
Arlington, VA · On-site
Knowledge of the NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incident. * Knowledge of general attack stages (e.g., foot printing and scanning, enumeration ...
... NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incident - Knowledge of general attack stages (e.g., foot printing and scanning, enumeration, gaining access ...
... NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incident - Knowledge of general attack stages (e.g., foot printing and scanning, enumeration, gaining access ...
Cyber Incident Manager Level II
Arlington, VA · On-site
$90K - $110K/yr
Knowledge of the NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incident * Knowledge of general attack stages (e.g., foot printing and scanning, enumeration ...
Cyber Incident Manager Level II
Arlington, VA · On-site
$90K - $110K/yr
Knowledge of the NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incident * Knowledge of general attack stages (e.g., foot printing and scanning, enumeration ...
Cyber Threat Analyst II
Arlington, VA · On-site
Knowledge of the NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incident * Knowledge of general attack stages (e.g., foot printing and scanning, enumeration ...
Cyber Threat Analyst II
Arlington, VA · On-site
Knowledge of the NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incident * Knowledge of general attack stages (e.g., foot printing and scanning, enumeration ...
Crane Operator
Theodore, AL · On-site +1
NCCIC A/D Director Certification * Lifting Director Certification * Rigging Certification * Forklift Operator Certification * Shipyard Competent Person Training * OSHA 10 Hour * Fall Protection ...
Crane Operator
Theodore, AL · On-site +1
NCCIC A/D Director Certification * Lifting Director Certification * Rigging Certification * Forklift Operator Certification * Shipyard Competent Person Training * OSHA 10 Hour * Fall Protection ...
Cyber Case Manager II
Arlington, VA · On-site
$127K - $172K/yr
... NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incident - Knowledge of general attack stages (e.g., foot printing and scanning, enumeration, gaining access ...
Quick apply
Cyber Case Manager II
Arlington, VA · On-site
$127K - $172K/yr
... NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incident - Knowledge of general attack stages (e.g., foot printing and scanning, enumeration, gaining access ...
Action Officer
Arlington, VA · On-site
... NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incident - Knowledge of general attack stages (e.g., foot printing and scanning, enumeration, gaining access ...
Action Officer
Arlington, VA · On-site
... NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incident - Knowledge of general attack stages (e.g., foot printing and scanning, enumeration, gaining access ...
... NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incident - Knowledge of general attack stages (e.g., foot printing and scanning, enumeration, gaining access ...
... NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incident - Knowledge of general attack stages (e.g., foot printing and scanning, enumeration, gaining access ...
Knowledge of the NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incident * Knowledge of general attack stages (e.g., foot printing and scanning, enumeration ...
Knowledge of the NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incident * Knowledge of general attack stages (e.g., foot printing and scanning, enumeration ...
... NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incident - Knowledge of general attack stages (e.g., foot printing and scanning, enumeration, gaining access ...
... NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incident - Knowledge of general attack stages (e.g., foot printing and scanning, enumeration, gaining access ...
Knowledge of the NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incident * Knowledge of general attack stages (e.g., foot printing and scanning, enumeration ...
Knowledge of the NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incident * Knowledge of general attack stages (e.g., foot printing and scanning, enumeration ...
Cyber Case Manager with Security Clearance
$126K - $171K/yr
Knowledge of the NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incident * Knowledge of general attack stages (e.g., foot printing and scanning, enumeration ...
Cyber Case Manager with Security Clearance
$126K - $171K/yr
Knowledge of the NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incident * Knowledge of general attack stages (e.g., foot printing and scanning, enumeration ...
Knowledge of the NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incident * Knowledge of general attack stages (e.g., foot printing and scanning, enumeration ...
Knowledge of the NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incident * Knowledge of general attack stages (e.g., foot printing and scanning, enumeration ...
Knowledge of the NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incident * Knowledge of general attack stages (e.g., foot printing and scanning, enumeration ...
Knowledge of the NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incident * Knowledge of general attack stages (e.g., foot printing and scanning, enumeration ...
Cyber Incident Manager I
Arlington, VA · On-site
Knowledge of the NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incident * Knowledge of general attack stages (e.g., foot printing and scanning, enumeration ...
Cyber Incident Manager I
Arlington, VA · On-site
Knowledge of the NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incident * Knowledge of general attack stages (e.g., foot printing and scanning, enumeration ...
Incident Manager I
Arlington, VA · On-site
Knowledge of the NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incident. * Knowledge of general attack stages (e.g., foot printing and scanning, enumeration ...
Incident Manager I
Arlington, VA · On-site
Knowledge of the NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incident. * Knowledge of general attack stages (e.g., foot printing and scanning, enumeration ...
... NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incident • Knowledge of general attack stages (e.g., foot printing and scanning, enumeration, gaining access ...
... NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incident • Knowledge of general attack stages (e.g., foot printing and scanning, enumeration, gaining access ...
... NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incident - Knowledge of general attack stages (e.g., foot printing and scanning, enumeration, gaining access ...
... NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incident - Knowledge of general attack stages (e.g., foot printing and scanning, enumeration, gaining access ...
Cyber Case Manager
Arlington, VA · On-site
Knowledge of the NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incident * Knowledge of general attack stages (e.g., foot printing and scanning, enumeration ...
Cyber Case Manager
Arlington, VA · On-site
Knowledge of the NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incident * Knowledge of general attack stages (e.g., foot printing and scanning, enumeration ...
Nccic information
See salary details
$33K - $41.8K
22% of jobs
$43.3K is the 25th percentile. Wages below this are outliers.
$41.8K - $50.6K
19% of jobs
The median wage is $57.9K / yr.
$50.6K - $59.5K
11% of jobs
$59.5K - $68.3K
18% of jobs
$75.6K is the 75th percentile. Wages above this are outliers.
$68.3K - $77.1K
6% of jobs
$77.1K - $85.9K
2% of jobs
$85.9K - $94.7K
0% of jobs
$94.7K - $103.5K
0% of jobs
$103.5K - $112.4K
0% of jobs
$112.4K - $121.2K
0% of jobs
$121.2K - $130K
22% of jobs
$33K
$76.6K
$130K
How much do nccic jobs pay per year?
As of Jun 8, 2026, the average yearly pay for nccic in the United States is $76,639.00, according to ZipRecruiter salary data. Most workers in this role earn between $45,500.00 and $130,000.00 per year, depending on experience, location, and employer.
What are some common challenges faced by NCCIC analysts and how can new team members prepare for them?
NCCIC analysts often encounter challenges such as rapidly evolving cyber threats, managing large volumes of incident reports, and collaborating with multiple public and private sector entities. New team members can prepare by staying updated on the latest cybersecurity trends, developing strong analytical and communication skills, and being adaptable in high-pressure situations. The work is dynamic and requires continuous learning and teamwork to effectively respond to and mitigate cybersecurity incidents.
What are the key skills and qualifications needed to thrive as an NCCIC (National Cybersecurity and Communications Integration Center) analyst, and why are they important?
To thrive as an NCCIC analyst, you need a strong background in cybersecurity, network defense, incident response, and threat analysis, often supported by a degree in computer science or a related field. Familiarity with tools such as SIEM platforms, intrusion detection systems, malware analysis software, and certifications like CISSP or CEH is highly valued. Strong analytical thinking, attention to detail, effective communication, and teamwork are vital soft skills in this role. These competencies are crucial for identifying, mitigating, and communicating cyber threats to protect national critical infrastructure.
What is an NCCIC and what do they do?
The National Cybersecurity and Communications Integration Center (NCCIC) is a division of the Cybersecurity and Infrastructure Security Agency (CISA) within the U.S. Department of Homeland Security. NCCIC serves as a central hub for information sharing, analysis, and coordination of efforts to protect the nation's critical infrastructure from cyber threats. It provides real-time threat analysis, incident response, and technical assistance to both government and private sector partners, aiming to strengthen the overall cybersecurity posture of the United States.
More about Nccic jobs
What job categories do people searching Nccic jobs look for? The top searched job categories for Nccic jobs are:
Job description
Incident Manager - III
The client is supporting a U.S. Government customer to provide support for onsite incident response to civilian Government agencies and critical asset owners who experience cyber-attacks, providing immediate investigation and resolution. Contract personnel perform investigations to characterize the severity of breaches, develop mitigation plans, and assist with the restoration of services. RTX is seeking a Cyber Incident Manager to support this critical customer mission.
Responsibilities:
- Correlating incident data to identify specific trends in reported incidents
- Recommending defense in depth principles and practices (i.e. Defense in Multiple Places, layered defenses, security robustness, etc.)
- Performing Computer Network Defense incident triage to include determining scope, urgency, and potential impact
- Researching and compiling known resolution steps or workarounds to enable mitigation of potential Computer Network Defense incidents within the enterprise
- Applying cybersecurity concepts to the detection and defense of intrusions into small, and large-scale IT networks, and conduct cursory analysis of log data
- Monitoring external data sources to maintain currency of Computer Network Defense threat condition and determine which security issues may have an impact on the enterprise
- Identifying the cause of an incident and recognizing the key elements to ask external entities when learning the background and potential infection vector of an incident,
- Receiving and analyzing network alerts from various sources within the enterprise and determine possible causes of such alerts
- Tracking and documenting Computer Network Defense (CND) incidents from initial detection through final resolution, and work with other components within the organization to obtain and coordinate information pertaining to ongoing incidents
- Providing support during assigned shifts (Monday through Friday, normal business hours)
Required Skills:
- U.S. Citizenship
- Must have an active TS/SCI clearance
- Must be able to obtain DHS Suitability
- 5+ years of directly relevant experience in cyber incident management or cybersecurity operations
- Knowledge of incident response and handling methodologies
- Having close familiarity with NIST 800-62 (latest revision), and FISMA standards as they pertain to reporting incidents.
- Knowledge of the NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incident
- Knowledge of general attack stages (e.g., foot printing and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks, etc.)
- Skill in recognizing and categorizing types of vulnerabilities and associated attacks
- Knowledge of basic system administration and operating system hardening techniques, Computer Network Defense policies, procedures, and regulations
- Knowledge of different operational threat environments (e.g., first generation [script kiddies], second generation [non nation-state sponsored], and third generation [nation-state sponsored])
- Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, PL/SQL and injections, race conditions, covert channel, replay, return- oriented attacks, and malicious code)
Desired Skills:
- Knowledge of different operational threat environments (e.g., first generation [script kiddies], second generation [non nation-state sponsored], and third generation [nation-state sponsored])
- Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, PL/SQL and injections, race conditions, covert channel, replay, return- oriented attacks, and malicious code)
Required Education:
BS Incident Management, Operations Management, Cybersecurity or related degree. HS Diploma with 7-9 incident management or cyber security experience
Desired Certifications:
GCIH, GCFA GISP, GCED, CCFP or CISSP
The client is supporting a U.S. Government customer to provide support for onsite incident response to civilian Government agencies and critical asset owners who experience cyber-attacks, providing immediate investigation and resolution. Contract personnel perform investigations to characterize the severity of breaches, develop mitigation plans, and assist with the restoration of services. RTX is seeking a Cyber Incident Manager to support this critical customer mission.
Responsibilities:
- Correlating incident data to identify specific trends in reported incidents
- Recommending defense in depth principles and practices (i.e. Defense in Multiple Places, layered defenses, security robustness, etc.)
- Performing Computer Network Defense incident triage to include determining scope, urgency, and potential impact
- Researching and compiling known resolution steps or workarounds to enable mitigation of potential Computer Network Defense incidents within the enterprise
- Applying cybersecurity concepts to the detection and defense of intrusions into small, and large-scale IT networks, and conduct cursory analysis of log data
- Monitoring external data sources to maintain currency of Computer Network Defense threat condition and determine which security issues may have an impact on the enterprise
- Identifying the cause of an incident and recognizing the key elements to ask external entities when learning the background and potential infection vector of an incident,
- Receiving and analyzing network alerts from various sources within the enterprise and determine possible causes of such alerts
- Tracking and documenting Computer Network Defense (CND) incidents from initial detection through final resolution, and work with other components within the organization to obtain and coordinate information pertaining to ongoing incidents
- Providing support during assigned shifts (Monday through Friday, normal business hours)
Required Skills:
- U.S. Citizenship
- Must have an active TS/SCI clearance
- Must be able to obtain DHS Suitability
- 5+ years of directly relevant experience in cyber incident management or cybersecurity operations
- Knowledge of incident response and handling methodologies
- Having close familiarity with NIST 800-62 (latest revision), and FISMA standards as they pertain to reporting incidents.
- Knowledge of the NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incident
- Knowledge of general attack stages (e.g., foot printing and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks, etc.)
- Skill in recognizing and categorizing types of vulnerabilities and associated attacks
- Knowledge of basic system administration and operating system hardening techniques, Computer Network Defense policies, procedures, and regulations
- Knowledge of different operational threat environments (e.g., first generation [script kiddies], second generation [non nation-state sponsored], and third generation [nation-state sponsored])
- Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, PL/SQL and injections, race conditions, covert channel, replay, return- oriented attacks, and malicious code)
Desired Skills:
- Knowledge of different operational threat environments (e.g., first generation [script kiddies], second generation [non nation-state sponsored], and third generation [nation-state sponsored])
- Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, PL/SQL and injections, race conditions, covert channel, replay, return- oriented attacks, and malicious code)
Required Education:
BS Incident Management, Operations Management, Cybersecurity or related degree. HS Diploma with 7-9 incident management or cyber security experience
Desired Certifications:
GCIH, GCFA GISP, GCED, CCFP or CISSP
About Beyond Sof
Sourced by ZipRecruiter
Company size
11 - 50 Employees
Headquarters location
McLean, VA, US
Year founded
2011