SC Works IT Jobs

Job Information

Cerner Cloud Threat Federal Incident Response Analyst in Charleston, South Carolina


Job Title:

Cloud Threat Federal Incident Response Analyst

Job Description:

As a Cloud Threat Federal Incident Response Analyst you will assess required Defensive Cyber Operations (DCO) capabilities in multiple cloud environments (O365, Azure, AWS, Oracle) and develop appropriate detection measures in a mixed Elastic and Splunk environment. You will perform analysis of available cloud environment data feeds, network monitoring and filtering systems (including IDS/IPS), and endpoint protection platforms in order to develop unified detection measures. You will ensure the rigorous application of information security/information assurance policies, principles, and practices. You will defend federal information systems against cyber security threats using a variety of tools, data and events and execute cyber incident response processes. You will execute indicated response for reported or detected cyber incidents, gathering information and data from various sources to contain, analyze and trace the threat. You will recover, secure and preserve physical or logical evidence related to cyber incidents. You will document cyber incidents in the corporate incident management solution to meet audit, compliance and legal requirements. You will identify exposed system vulnerabilities by analyzing forensic evidence and attempting to reverse-engineer or recreate the attack. You will collaborate with engineering teams to resolve threats and minimize vulnerabilities through advanced security architectures. You will continuously monitor system performance and activity, analyzing and reporting any irregularities or suspicious events in accordance with established policies and procedures. You will notify internal and external stakeholders of potential cyber threats and provide guidance on risk avoidance and recovery measures.

Additional Information:

Applicants for U.S.-based positions with Cerner must be legally authorized to work in the United States. Verification of employment eligibility will be required at the time of hire.

Due to specific client contract requirements, this position requires that the successful candidate be a U.S. citizen. The client contract also requires receipt of the appropriate government security clearance card applicable for the position.

Some Cerner positions may be obligated to comply with client-facing requirements and occupational health requests, including but not limited to, an immunization set, an annual flu shot, an annual TB screen, an updated background check, and/or an updated drug screen.

Company Overview:

Cerner is a place where people are encouraged to innovate with confidence and focus on what is important – people’s health and the care they receive. We are transforming health care by developing tools and technologies that make it more efficient for care providers and patients to navigate the complexity of our health. From single offices to entire countries, Cerner solutions are licensed at more than 25,000 facilities in over 35 countries.

Cerner’s policy is to provide equal opportunity to all people without regard to race, color, religion, national origin, ancestry, marital status, veteran status, age, disability, pregnancy, genetic information, citizenship status, sex, sexual orientation, gender identity or any other legally protected category. Cerner is proud to be a drug-free workplace.


United States


Basic Qualifications

  • Receipt of the appropriate government security clearance card applicable for your position

  • Due to the client contract you will be assigned, this position requires you to be a U.S. citizen

  • Bachelor of Science in Information Security, Information Systems, Computer Science, Computer Engineering, Software Engineering, Mathematics, or equivalent work experience

  • At least two years of information technology security work experience

  • Must possess and maintain DoD 8570 IAT II compliant certifications

Preferred Qualifications

  • At least one year of Federal information technology security work experience

  • At least one year of experience with Cloud monitoring tools preferred (AWS, Azure)

  • At least one year of Linux administration experience preferred (Red Hat)

  • At least one year of experience with network traffic analysis and host-based log analysis

  • At least one year of enterprise Windows security experience (Active Directory)

  • At least one year of static and dynamic malware analysis experience

  • At least one year of experience using a scripting or development language (e.g. PowerShell or Python)

  • At least one year of experience with Splunk, Elastic, Carbon Black Response, or Fidelis Network


South Carolina


