Incident Response Engineer

Overview

Remote
Depends on Experience
Full Time

Skills

incident response
SIEM platforms
Security Operations Center

Job Details

Valiant Solutions is seeking a Secret or Top Secret cleared Incident Coordinator and Engineer to join our rapidly growing and innovative cybersecurity team!

 

We are seeking an experienced and proactive Incident Coordinator and Engineer to lead tactical coordination of cybersecurity incident management activities while actively contributing hands-on to the engineering and operations of our Splunk-based SIEM and associated cybersecurity tooling. Serving as the designated task order Incident Coordinator (IC), you ll facilitate incident coordination across the engineering and operations team, ensuring seamless integration with other SOC functional teams during cybersecurity events. In addition to managing adherence to task-order-specific SLAs, incident response plans, playbooks, and lifecycle documentation, you ll play a critical role in designing, integrating, and optimizing our SIEM, security orchestration, and automation solutions. This dynamic position offers the opportunity to leverage your technical background to drive continuous enhancements in our cybersecurity capabilities while coordinating strategic response efforts to protect critical infrastructure. If you re passionate about cybersecurity engineering, incident management excellence, and thrive in roles where no two days are alike, we d love to hear from you!

 

 

Named one of the in the Washington DC area for 11 consecutive years, Valiant is proud of our employee-centric culture and commitment to excellence. If you are interested in learning more about Valiant and this opportunity, we invite you to apply now!

 

 

Required Experience:

  • Active Secret or Top Secret Clearance.
  • 10+ years of experience in cybersecurity operations, incident response, or related cybersecurity roles.
  • BS in Computer Science, Information Systems, Mathematics, Engineering, related degree or an additional two (2) years of relevant experience.
  • Demonstrated experience developing, implementing, and managing security orchestration and automation workflows integrated with SIEM platforms and other cybersecurity tools.
  • Proven experience documenting cybersecurity incidents, managing incident lifecycle processes, and producing detailed after-action reports and incident metrics for executive-level stakeholders. Demonstrated ability to collaborate cross-functionally, ensuring effective communication and operational alignment during high-visibility cybersecurity incidents or complex technical engagements.
  • Good understanding of system log information and what it means, where to collect specific data/attributes as necessitated per Incident Event (host, network, cloud, etc)
  • Strong understanding of enterprise networking (host-based firewalls, anti-malware, HIDS, IDS/IPS, proxy, WAF), Windows and Unix/Linux systems operations, TCP / IP protocols, experience providing analysis and trending of security log data
  • Experience creating and tracking investigations to resolution
  • Proven experience coordinating incident response efforts in enterprise or federal environments.
  • Strong understanding of the full incident lifecycle (identification, containment, eradication, recovery, and lessons learned).
  • Familiarity with NIST, SANS, and other incident response frameworks.
  • Experience writing and maintaining incident response plans, playbooks, and after-action reports.
  • Excellent organizational skills and the ability to manage multiple priorities under pressure.
  • Strong interpersonal and communication skills to work with executive stakeholders and technical teams.
  • Experience with ticketing and workflow management tools (e.g., ServiceNow, Jira).

 

 

Responsibilities:

  • Serve as the designated task order Incident Coordinator (IC) for all cyber incident response activities within the SOC.
  • Manage and coordinate the team s incident response and analysis for all reported events.
  • Support the development of the SOC platform, consisting of a Splunk SIEM and multiple security tools.
  • Monitor security events received through alerts from SIEM or other security tools
  • Revise alerts escalated by end users
  • Carry out Level 3 triage of incoming Incidents (initial IR assessment of the priority of the event, initial determination of incident nature to determine risk and damage or appropriate routing of security or privacy data request)
  • Collaborate and communicate with the Enterprise Cybersecurity Delivery, Intake, and Operations Management Incident Commander for high-impact or widespread incidents.
  • Ensure full compliance with task-order-specific Service Level Agreements (SLAs) and reporting requirements.
  • Develop and maintain incident response plans, playbooks, and after-action reports tailored to the task order.
  • Coordinate with other task order ICs to address cross-service incidents and ensure a unified response.
  • Ensure strict adherence to incident response playbooks and thorough documentation throughout the full incident lifecycle.
  • Lead regular reviews and updates of playbooks and response procedures to reflect evolving threats and lessons learned.
  • Support operational improvement initiatives based on after-action findings and stakeholder feedback.
  • Contribute to enterprise readiness by participating in tabletop exercises, simulations, and incident response training events.

 

 

About Valiant Solutions

Valiant Solutions is a security-focused IT solutions provider with public clients nationwide. Named one of the fastest growing privately held companies by Inc. 5000, Washington Technology s Fast 50, and Washington Business Journal s Best Places to Work in the D.C. area, Valiant Solutions prides itself on providing its employees with great benefits and career development opportunities. As a company, we are just as committed to growing careers as we are to building world-class IT solutions, all while enjoying an unparalleled work-life balance. We are in a phase of tremendous growth and building the team that will take us to the next level. We seek people whose talents and accomplishments will contribute to a thriving company, who have the character to support their capacity, and can make a positive impact on our culture. Alongside our talented team, you ll learn to think quickly on your feet and expand your own personal and professional skill set. Our management team will inspire you to consider new perspectives and challenge you to become a better practitioner in the fast-paced industry of IT security. We hire people we respect and we trust them to deliver results leveraging their expertise. If you would enjoy working in a dynamic environment as part of a stellar team of professionals, then we invite you to apply online today.

 

 

Benefits Snapshot (includes, but not limited to) Valiant pays 99% of the Medical, Dental, and Vision Coverage for Full-time Employees Valiant contributes 25% towards Health Coverage for Family and Dependents 100% Paid Short Term Disability and Life Insurance Policy for Full-time Employees 100% Paid Certifications 401K Matching up to 4% Paid Time Off Paid Federal Holidays Paid Time On 40 hours to pursue innovation Wellness & Fitness Program Valiant University Online Education and Training Portal Reimbursement for Public Transit and Parking FSA programs for: Medical Costs, Dependent Care, Transit, and Parking Referral Bonuses

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.