Job Details
This hybrid remote position is onsite as needed in Arlington, VA.
Must be local to VA, DC, and MD states
Due to Federal Government Security Clearance Requirements: U.S. Citizenship
Incident Response Manager
Do you thrive in fast-paced environments and enjoy leading the charge against cyber threats? If so, we want you on our team!
We seek a highly motivated and experienced Incident Response Manager to join our Security Operations Center (SOC) team. In this critical role, you will be responsible for overseeing all aspects of our incident response program, from preparation and identification to containment, eradication, and recovery. You will leverage your deep understanding of cyber threats and incident response best practices to lead our team in effectively mitigating security incidents and minimizing their impact on our organization.
Responsibilities:
- Lead the development, implementation, and continuous improvement of our incident response program, ensuring alignment with industry best practices (e.g., NIST CSF)
- Oversee the incident response lifecycle, including identification, triage, containment, eradication, recovery, and post-incident review
- Manage and mentor a team of security analysts, providing guidance and ensuring adherence to established policies and procedures
- Conduct thorough investigations to determine the root cause of security incidents and identify potential vulnerabilities
- Coordinate with internal stakeholders (IT, legal, communications) and external parties (law enforcement, forensics investigators) as needed
- Analyze threat intelligence and identify emerging threats and vulnerabilities
- Maintain detailed documentation of all security incidents and response activities
- Regularly review and update incident response playbooks and procedures
- Train team members on incident response best practices and tools
- Report on security incidents to senior management and stakeholders
Qualifications:
- Active DoD Secret Clearance
- Bachelor's degree in Cybersecurity, Information Technology, or a related field (Master's degree a plus)
- Minimum 3-5 years of experience in security operations, with a focus on incident response
- Proven experience leading and managing a security team
- In-depth knowledge of incident response frameworks and methodologies (e.g., NIST CSF, SANS IR)
- Strong understanding of cyber threats, vulnerabilities, and attack vectors
- Excellent analytical and problem-solving skills
- Effective communication and collaboration skills
- Ability to work independently and as part of a team in a fast-paced environment
- Experience with security information and event management (SIEM) tools