Cybersecurity Analyst - Incident Response Lead at Space Dynamics Laboratory – North Logan, Utah
About This Position
Job ID: 7339
Date Posted: April 7, 2026
Space Dynamics Laboratory (SDL) is seeking a highly skilled Cybersecurity Analyst – Incident Response Lead to join our Corporate Information Security team. The selected candidate will serve as the technical lead for incident response and forensic investigations, supporting SDL’s mission to protect critical information systems in support of national defense and space operations.
As a key member of the Cybersecurity Operations team, this individual will lead the detection, analysis, containment, and remediation of cybersecurity incidents, while advancing SDL’s incident response and forensic capabilities.
If you thrive in high-tempo environments, have deep technical expertise, and are passionate about defending mission-critical systems, we encourage you to apply.
As a trusted partner in national defense and space exploration, SDL offers a dynamic, mission-driven environment where your expertise will directly contribute to critical security initiatives. If you thrive in high-stakes, team-oriented settings and have a passion for cybersecurity compliance, risk management, and audit excellence, we want to hear from you!
Key Responsibilities:
- Leads end-to-end incident response activities, including identification, containment, eradication, and recovery
- Serves as the technical lead during security incidents, coordinating across IT, Cybersecurity Engineering, Governance, Risk and Compliance (GRC) and leadership
- Develops and maintains incident response playbooks and procedures
- Conducts and leads incident response exercises and tabletop scenarios
- Performs host-based, network-based, and log-based forensic analysis
- Preserves evidence in accordance with legal and regulatory requirements
- Conducts root cause analysis and produces detailed forensic reports
- Supports internal investigations and external reporting requirements
- Analyzes alerts from SIEM, EDR, EPP, and other tools to identify potential threats
- Correlates logs across multiple data sources to identify attack patterns and indicators of compromise (IOCs)
- Conducts threat hunting activities to proactively identify adversary behavior
- Integrates threat intelligence into detection and response processes
- Develops and refines detection use cases and alerting logic
- Recommends and implements improvements to incident response processes and tooling
- Automates response workflows where feasible
- Tracks metrics and performance of incident response capabilities
- Coordinates with GRC teams to ensure incidents are properly documented and aligned with compliance requirements
- Communicates incident status, impact, and remediation actions to stakeholders
- Supports CMMC assessment activities related to incident response and logging
Required Qualifications (Must-Have Skills & Education):
- 5+ years of experience in cybersecurity, with a focus on incident response and/or security operations
- Bachelor’s degree in cybersecurity, information assurance, computer science, MIS, engineering, or a related field (or additional 5 years of experience)
- Relevant certification (e.g., CySA+, GCIA, GCIH, CISSP)
- Hands-on experience with:
  - Incident response processes and frameworks (e.g., NIST SP 800-61)
  - SIEM platforms (e.g., Splunk, Microsoft Sentinel)
  - Endpoint Detection & Response (EDR) tools
  - Log analysis and event correlation
- Experience conducting forensic investigations (disk, memory, or network)
- Strong understanding of attacker tactics, techniques, and procedures (TTPs)
- Ability to analyze and interpret Indicators of Compromise (IOCs)
- Strong analytical and problem-solving skills
- Excellent written and verbal communication skills
- Must be a U.S. citizen with the ability to obtain and maintain a U.S. Government security clearance
Preferred Qualifications (Nice-to-Have Skills & Experience):
- Technical Expertise
  - Experience with forensic tools (e.g., EnCase, FTK, Velociraptor, Volatility)
  - Familiarity with threat intelligence platforms and frameworks (e.g., MITRE ATT&CK)
  - Experience with digital forensics in cloud environments
- Compliance & Regulatory Experience
  - Familiarity with NIST SP 800-171, NIST SP 800-53, DFARS, and CMMC
  - Experience supporting compliance assessments, inspections, or audits
- Government & Defense Experience
  - Experience supporting DoD, intelligence, or defense contractor environments
  - Understanding of classified systems security requirements (RMF, JSIG, DISA STIGs)
- $90,000 - $155,000
- Salary commensurate with education and relevant experience
This range serves as a general guideline and may vary based on factors such as role, level, location, market conditions, and individual qualifications, including job-related skills, experience, and relevant education or training. The range displayed in the job advertisement reflects the minimum and maximum target salaries across all US locations. Specific salary details for a candidate’s preferred location can be provided by the recruiter or HR manager during the hiring process.
Why Join SDL?
SDL offers competitive salaries and a comprehensive benefits package. Visit our Benefits Page to learn more about what we offer.
SDL delivers advanced multi-domain solutions to protect national security and enable scientific discovery. Our expertise in satellites, sensors and instruments, ground systems and data processing, and autonomous systems plays a critical role in missions supporting NASA and the Department of Defense. Join our team of engineers, scientists, technicians, and business professionals in our seventh decade of delivering mission success.
At SDL, we strive to uphold a culture of respect, collaboration, empowerment, and accountability. We listen with open minds, seek to understand diverse perspectives, and engage in thoughtful dialogue. We work together by sharing knowledge, involving others, and offering support. We trust and empower our team members to take ownership, act with integrity, and be accountable. Above all, we deliver on our commitments to each other and to our mission partners.
The application window for this position is expected to remain open for approximately 14 days; however, it may be shortened or extended depending on business needs and the availability of qualified candidates. We encourage interested candidates to submit their applications promptly.
For questions, assistance, or accommodation with the application process or the DoD SkillBridge program, please contact employment@sdl.usu.edu.
Job Location
This job is located in the North Logan, Utah, 84341, United States region.