Home › Companies › Careers Peraton Icims Com › Cyber Investigations Analyst - OTA / Active Top Secret
Cyber Investigations Analyst - OTA / Active Top Secret
Careers Peraton Icims Com · Arlington, VA, US · On Site · Active · $80,000–$128,000 / hour · iCIMS
Job facts
| Field | Value |
|---|---|
| Company | Careers Peraton Icims Com |
| Title | Cyber Investigations Analyst - OTA / Active Top Secret |
| Normalized title | - |
| Department / team | Intel and Threat Analysis |
| Location | Arlington, VA, United States |
| Work model | On Site |
| Employment type | Full Time |
| Salary | $80,000–$128,000 / hour |
| Status | active |
| ATS provider | iCIMS |
| Posted / first seen | 2026-06-19 / 2026-06-20 |
| Changed / last seen | 2026-06-20 / 2026-06-21 |
Related slices
| Page | What it contains | Open |
|---|---|---|
| Company jobs | Active postings from Careers Peraton Icims Com. | Open |
| Company breakdowns | Role, location, ATS, and work model facets for this company. | Open |
| ATS provider jobs | Active postings observed through iCIMS. | Open |
| Provider filtered search | The same provider as a filtered job collection. | Open |
| City jobs | Active postings in Arlington. | Open |
| Department jobs | Active postings in Intel and Threat Analysis. | Open |
| Work model jobs | Active On Site postings. | Open |
| Lifecycle events | Open, update, close, and reopen events for this posting. | Open |
| Original posting | Canonical source or apply URL captured from the ATS. | Open |
Linked records
| Company | Careers Peraton Icims Com |
| Source | 944b3981-c90b-4379-a0d8-7cc8e4e36cf3 |
| ATS provider | iCIMS |
Description
Responsibilities
Peraton is looking for a Cyber Investigations Analyst to become part of our Federal Strategic Cyber Group.
Location: Rosslyn, VA; full-time, on-site role.
In this role, you will:
Support the Cyber Threat Investigations & Analysis Division (CTAD) in conducting end-to-end insider threat and cyber investigations leveraging User Activity Monitoring (UAM) tools and data.
Collect, analyze, and interpret log data to detect anomalous user behavior, policy violations, and potential insider threats across enterprise systems.
Develop and refine detection rules, alerts, and behavioral baselines to improve threat detection capabilities.
Conduct forensic analysis of user activity logs, endpoint telemetry, and network data to support investigations and produce actionable intelligence.
Communicate complex investigative findings to both technical and non-technical stakeholders, including senior management.
Collaborate with legal, HR, and security teams to ensure investigations are conducted in accordance with applicable laws, policies, and Department guidelines.
Author detailed investigation reports, bulletins, and advisories documenting findings.
Promote awareness of insider threat indicators and UAM best practices among customer stakeholders, coworkers, and Department users.
Respond to escalated security incidents and provide expert guidance on user activity-related threat vectors.
Conduct all aspects of case management for active inquiries to include case documentation, investigative records, digital artifacts, SharePoint repositories, and data storage management.
Provide guidance and mentorship to junior team members on investigative techniques and tool usage.
Stay current on emerging insider threat tactics, techniques, and procedures (TTPs) and incorporate findings into detection strategies.
Qualifications
Minimum requirements:
A Bachelor’s degree and 5 years of experience. An additional 4 years of experience may be substituted in lieu of the bachelors degree requirement.
Minimum of 2 years of experience in in cybersecurity, digital forensics, or cyber investigations.
Must either possess and maintain, or obtain prior to start date, one of the following professional certifications:
CISSP-ISSAP; CISSP-ISSEP; CISSP; Security+ CE; CySA+; PPDA; Agile IC; SNOW App Dev
Experience conducting insider threat or cyber misconduct investigations in an enterprise environment.
Experience analyzing large datasets of user activity, log data, and endpoint telemetry.
Strong analytical, problem-solving, and decision-making skills to support complex, sensitive investigations.
Excellent written and verbal communication skills, including experience producing formal investigative reports.
Must possess strong time management skills and the ability to complete assigned tasks with minimal supervision.
U.S. citizenship required.
Active Top Secret security clearance.
Ability to obtain a final Top Secret/SCI security clearance.
Desired:
Experience with insider threat programs and familiarity with the National Insider Threat Policy.
Familiarity with SIEM platforms (e.g., Splunk, Microsoft Sentinel) for correlating UAM data with broader security telemetry.
Experience with digital forensics tools (e.g., EnCase, FTK, Magnet AXIOM).
Knowledge of Active Directory and Azure AD for user account analysis.
Experience working in a government or federal law enforcement investigative environment.
Technical writing skills and experience producing materials for senior leadership audiences.
Familiarity with chain of custody procedures, and eDiscovery processes.
Experience with behavioral analytics platforms or UEBA (User and Entity Behavior Analytics) tools.
Peraton Overview
Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we’re keeping people around the world safe and secure.
Target Salary Range $80,000 - $128,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual’s experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.
EEO EEO: Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.
Full job record
| Job ID | 0a91f29b386afbf495c45925a2913c6b0f0d46ba |
| Org ID | b88db125-2f81-4362-9897-a29d0e7de670 |
| Source ID | 944b3981-c90b-4379-a0d8-7cc8e4e36cf3 |
| Board ID | 944b3981-c90b-4379-a0d8-7cc8e4e36cf3 |
| Provider | icims |
| Provider Job Key | 167857 |
| Title | Cyber Investigations Analyst - OTA / Active Top Secret |
| Normalized Title | — |
| Status | active |
| Active | yes |
| Location Text | Arlington, VA, US |
| Department | Intel and Threat Analysis |
| Team | — |
| Employment Type | full_time |
| Workplace Type | on_site |
| Remote Policy | — |
| Country | United States |
| Region | VA |
| City | Arlington |
| Salary Raw | Responsibilities Peraton is looking for a Cyber Investigations Analyst to become part of our Federal Strategic Cyber Group. Location: Rosslyn, VA; full-time, on-site role. In this role, you will: Support the Cyber Threat Investigations & Analysis Division (CTAD) in conducting end-to-end insider threat and cyber investigations leveraging User Activity Monitoring (UAM) tools and data. Collect, analyze, and interpret log data to detect anomalous user behavior, policy violations, and potential insider threats across enterprise systems. Develop and refine detection rules, alerts, and behavioral baselines to improve threat detection capabilities. Conduct forensic analysis of user activity logs, endpoint telemetry, and network data to support investigations and produce actionable intelligence. Communicate complex investigative findings to both technical and non-technical stakeholders, including senior management. Collaborate with legal, HR, and security teams to ensure investigations are conducted in accordance with applicable laws, policies, and Department guidelines. Author detailed investigation reports, bulletins, and advisories documenting findings. Promote awareness of insider threat indicators and UAM best practices among customer stakeholders, coworkers, and Department users. Respond to escalated security incidents and provide expert guidance on user activity-related threat vectors. Conduct all aspects of case management for active inquiries to include case documentation, investigative records, digital artifacts, SharePoint repositories, and data storage management. Provide guidance and mentorship to junior team members on investigative techniques and tool usage. Stay current on emerging insider threat tactics, techniques, and procedures (TTPs) and incorporate findings into detection strategies. Qualifications Minimum requirements: A Bachelor’s degree and 5 years of experience. An additional 4 years of experience may be substituted in lieu of the bachelors degree requirement. Minimum of 2 years of experience in in cybersecurity, digital forensics, or cyber investigations. Must either possess and maintain, or obtain prior to start date, one of the following professional certifications: CISSP-ISSAP; CISSP-ISSEP; CISSP; Security+ CE; CySA+; PPDA; Agile IC; SNOW App Dev Experience conducting insider threat or cyber misconduct investigations in an enterprise environment. Experience analyzing large datasets of user activity, log data, and endpoint telemetry. Strong analytical, problem-solving, and decision-making skills to support complex, sensitive investigations. Excellent written and verbal communication skills, including experience producing formal investigative reports. Must possess strong time management skills and the ability to complete assigned tasks with minimal supervision. U.S. citizenship required. Active Top Secret security clearance. Ability to obtain a final Top Secret/SCI security clearance. Desired: Experience with insider threat programs and familiarity with the National Insider Threat Policy. Familiarity with SIEM platforms (e.g., Splunk, Microsoft Sentinel) for correlating UAM data with broader security telemetry. Experience with digital forensics tools (e.g., EnCase, FTK, Magnet AXIOM). Knowledge of Active Directory and Azure AD for user account analysis. Experience working in a government or federal law enforcement investigative environment. Technical writing skills and experience producing materials for senior leadership audiences. Familiarity with chain of custody procedures, and eDiscovery processes. Experience with behavioral analytics platforms or UEBA (User and Entity Behavior Analytics) tools. Peraton Overview Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we’re keeping people around the world safe and secure. Target Salary Range $80,000 - $128,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual’s experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay. EEO EEO: Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law. |
| Salary Min | 80,000 |
| Salary Max | 128,000 |
| Salary Currency | USD |
| Salary Period | hour |
| Source URL | https://careers-peraton.icims.com/jobs/167857/cyber-investigations-analyst---ota---active-top-secret/job |
| Apply URL | https://careers-peraton.icims.com/jobs/167857/cyber-investigations-analyst---ota---active-top-secret/job |
| First Seen At | 2026-06-20 08:35:29Z |
| Last Seen At | 2026-06-21 08:33:57Z |
| Last Checked At | 2026-06-21 08:33:57Z |
| Last Changed At | 2026-06-20 08:35:29Z |
| Inactive At | — |
| Source Posted At | 2026-06-19 04:00:00Z |
| Source Updated At | 2026-06-19 18:19:42Z |
| Raw Payload Uri | s3://job-postings-prod-raw-590183727216/raw/provider=icims/board=careers-peraton.icims.com/date=2026-06-21/2026-06-21T08-32-54-181Z-9f14ccc742e1fd862c52f5e2d0b980640a937981b847aa94e554dfc59e7ad627.json |
Event Fields
{
"content_hash": "c71cf4ad7d314005395af8f9f2691ae2f8b00058c7ffb211ef09b189be8cfd6b",
"source_hash": "65dca5acf4a3e60a0719fa484c945342aeca9f18ecee0bd6cbb2a52183874a57",
"last_changed_at": "2026-06-20T08:35:29.536Z",
"active_status": "active"
}Parsed Structured
{
"dedupe": null,
"language": "en",
"location": {
"raw": "Arlington, VA, US",
"city": "Arlington",
"region": "VA",
"country": "United States",
"is_remote": false,
"confidence": 0.8
},
"salary_max": 128000,
"salary_min": 80000,
"inferred_at": "2026-06-21T08:33:55.661Z",
"launch_scope": {
"reason": "english_us_canada",
"included": true,
"language": "en",
"location": {
"raw": "Arlington, VA, US",
"city": "Arlington",
"region": "VA",
"country": "United States",
"is_remote": false,
"confidence": 0.8
},
"countries": [
"United States"
]
},
"remote_policy": null,
"salary_period": "hour",
"workplace_type": "on_site",
"salary_currency": "USD"
}Extensions
{}Native Structured
{
"json_ld": {
"url": "https://careers-peraton.icims.com/jobs/167857/cyber-investigations-analyst---ota---active-top-secret/job",
"@type": "JobPosting",
"title": "Cyber Investigations Analyst - OTA / Active Top Secret",
"@context": "http://schema.org",
"datePosted": "2026-06-19T04:00:00.000Z",
"description": "<h2>Responsibilities</h2>\n<p>Peraton is looking for a <strong>Cyber Investigations Analyst</strong><strong> </strong>to become part of our Federal Strategic Cyber Group. </p>\n<p> </p>\n<p><strong>Location:</strong> Rosslyn, VA; full-time, on-site role.</p>\n<p> </p>\n<p><strong>In this role, you will:</strong></p>\n<ul>\n <li>Support the Cyber Threat Investigations & Analysis Division (CTAD) in conducting end-to-end insider threat and cyber investigations leveraging User Activity Monitoring (UAM) tools and data.</li>\n <li>Collect, analyze, and interpret log data to detect anomalous user behavior, policy violations, and potential insider threats across enterprise systems.</li>\n <li>Develop and refine detection rules, alerts, and behavioral baselines to improve threat detection capabilities.</li>\n <li>Conduct forensic analysis of user activity logs, endpoint telemetry, and network data to support investigations and produce actionable intelligence.</li>\n <li>Communicate complex investigative findings to both technical and non-technical stakeholders, including senior management.</li>\n <li>Collaborate with legal, HR, and security teams to ensure investigations are conducted in accordance with applicable laws, policies, and Department guidelines.</li>\n <li>Author detailed investigation reports, bulletins, and advisories documenting findings.</li>\n <li>Promote awareness of insider threat indicators and UAM best practices among customer stakeholders, coworkers, and Department users.</li>\n <li>Respond to escalated security incidents and provide expert guidance on user activity-related threat vectors.</li>\n <li>Conduct all aspects of case management for active inquiries to include case documentation, investigative records, digital artifacts, SharePoint repositories, and data storage management.</li>\n <li>Provide guidance and mentorship to junior team members on investigative techniques and tool usage.</li>\n <li>Stay current on emerging insider threat tactics, techniques, and procedures (TTPs) and incorporate findings into detection strategies.</li>\n</ul>\n<p> </p>\n<h2>Qualifications</h2>\n<p><strong>Minimum requirements: </strong></p>\n<ul>\n <li>A Bachelor’s degree and 5 years of experience. An additional 4 years of experience may be substituted in lieu of the bachelors degree requirement.</li>\n <li>Minimum of 2 years of experience in in cybersecurity, digital forensics, or cyber investigations.</li>\n <li>Must either possess and maintain, or obtain prior to start date, one of the following professional certifications: \n <ul>\n <li>CISSP-ISSAP; CISSP-ISSEP; CISSP; Security+ CE; CySA+; PPDA; Agile IC; SNOW App Dev</li>\n </ul></li>\n</ul>\n<ul>\n <li>Experience conducting insider threat or cyber misconduct investigations in an enterprise environment.</li>\n <li>Experience analyzing large datasets of user activity, log data, and endpoint telemetry.</li>\n <li>Strong analytical, problem-solving, and decision-making skills to support complex, sensitive investigations.</li>\n <li>Excellent written and verbal communication skills, including experience producing formal investigative reports.</li>\n <li>Must possess strong time management skills and the ability to complete assigned tasks with minimal supervision.</li>\n <li>U.S. citizenship required.</li>\n <li>Active Top Secret security clearance.</li>\n <ul>\n <li>Ability to obtain a final Top Secret/SCI security clearance.</li>\n </ul>\n</ul>\n<p><strong>Desired:</strong></p>\n<p> </p>\n<ul>\n <li>Experience with insider threat programs and familiarity with the National Insider Threat Policy.</li>\n <li>Familiarity with SIEM platforms (e.g., Splunk, Microsoft Sentinel) for correlating UAM data with broader security telemetry.</li>\n <li>Experience with digital forensics tools (e.g., EnCase, FTK, Magnet AXIOM).</li>\n <li>Knowledge of Active Directory and Azure AD for user account analysis.</li>\n <li>Experience working in a government or federal law enforcement investigative environment.</li>\n <li>Technical writing skills and experience producing materials for senior leadership audiences.</li>\n <li>Familiarity with chain of custody procedures, and eDiscovery processes.</li>\n <li>Experience with behavioral analytics platforms or UEBA (User and Entity Behavior Analytics) tools.</li>\n</ul>\n<h2>Peraton Overview</h2>\n<p>Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we’re keeping people around the world safe and secure.</p>\n<h2>Target Salary Range</h2>$80,000 - $128,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual’s experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.\n<h2>EEO</h2>EEO: Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.",
"directApply": true,
"jobLocation": [
{
"@type": "Place",
"address": {
"@type": "PostalAddress",
"postalCode": "UNAVAILABLE",
"addressRegion": "VA",
"streetAddress": "UNAVAILABLE",
"addressCountry": "US",
"addressLocality": "Arlington",
"postOfficeBoxNumber": "UNAVAILABLE"
}
}
],
"validThrough": "2027-06-19T04:00:00.000Z",
"employmentType": "FULL_TIME",
"hiringOrganization": {
"name": "Peraton",
"@type": "Organization",
"sameAs": "UNAVAILABLE"
},
"occupationalCategory": "Intel and Threat Analysis"
},
"detail_meta": {
"url": "https://careers-peraton.icims.com/jobs/167857/cyber-investigations-analyst---ota---active-top-secret/job?in_iframe=1",
"http_status": 200,
"content_type": "text/html;charset=UTF-8",
"response_bytes": 40277,
"compact_response_bytes": 6948,
"original_response_bytes": 40277
},
"sitemap_job": {
"id": "167857",
"url": "https://careers-peraton.icims.com/jobs/167857/cyber-investigations-analyst---ota---active-top-secret/job",
"slug": "cyber-investigations-analyst---ota---active-top-secret",
"lastmod": "2026-06-19T14:19:42-04:00"
},
"detail_errors": []
}Get this page with API
Rendered from the bluedoor Job Postings API. Reproduce it:
GET https://api.bluedoor.sh/job-postings/v1/jobs/0a91f29b386afbf495c45925a2913c6b0f0d46ba?include=descriptionJSONGET https://api.bluedoor.sh/job-postings/v1/orgs/b88db125-2f81-4362-9897-a29d0e7de670JSONGET https://api.bluedoor.sh/job-postings/v1/sources/944b3981-c90b-4379-a0d8-7cc8e4e36cf3JSONGET https://api.bluedoor.sh/job-postings/v1/jobs/0a91f29b386afbf495c45925a2913c6b0f0d46ba/eventsJSON