Sr Incident Response Analyst

We are seeking a highly experienced Senior Incident Response Analyst to support the National Credit Union Administration (NCUA) in safeguarding the integrity and security of the nation's credit union system. This role involves leading incident response efforts for cybersecurity threats, data breaches, and other security incidents affecting NCUA-regulated entities. The ideal candidate will possess deep expertise in threat detection, mitigation, and recovery, with a focus on financial sector regulations and compliance. This position requires collaboration with NCUA teams, external stakeholders, and law enforcement to ensure rapid and effective resolution of incidents while minimizing risks to credit unions and their members.
Responsibilities

• Lead the investigation, analysis, and resolution of cybersecurity incidents, including malware infections, ransomware attacks, phishing campaigns, and unauthorized access events.
• Develop and execute incident response plans, including containment, eradication, recovery, and post-incident reviews to prevent recurrence.
• Conduct forensic analysis of compromised systems, networks, and data using advanced tools and methodologies.
• Coordinate with NCUA's internal security operations center (SOC), credit union representatives, and federal agencies (e.g., FBI, DHS) during high-priority incidents.
• Prepare detailed incident reports, including root cause analysis, impact assessments, and recommendations for remediation, in compliance with NCUA guidelines and federal standards (e.g., NIST SP 800-61).
• Monitor threat intelligence feeds and emerging vulnerabilities relevant to the financial services sector, providing proactive recommendations to enhance NCUA's defensive posture.
• Train and mentor junior staff and NCUA personnel on incident response best practices and tools.
• Participate in tabletop exercises, simulations, and audits to test and improve incident response capabilities.
• Ensure all activities adhere to regulatory requirements, including those under the Federal Information Security Modernization Act (FISMA) and NCUA-specific policies.

Qualifications

• Education: Master's Degree in Cybersecurity, Computer Science, Information Technology, or a closely related field.
• Experience: Minimum of 10 years of professional experience in incident response, digital forensics, or cybersecurity operations, preferably within the financial services or government sectors.
• Proven track record of handling complex security incidents in high-stakes environments.
• U.S. Citizenship and ability to obtain and maintain a Public Trust or Secret security clearance.
• Strong understanding of federal cybersecurity frameworks, including NIST, FISMA, and relevant financial regulations (e.g., Gramm-Leach-Bliley Act).
• Expertise in incident response lifecycle management and forensic techniques.
• Proficiency in scripting languages (e.g., Python, PowerShell) for automation of response tasks.
• Excellent analytical, problem-solving, and communication skills, with the ability to convey technical details to non-technical stakeholders.
• Ability to work under pressure in a fast-paced, 24/7 on-call environment.
• Strong ethical standards and commitment to confidentiality.

Additional Qualifications

• Certifications such as Certified Incident Handler (GCIH), Certified Information Systems Security Professional (CISSP), Certified Forensic Computer Examiner (CFCE), or equivalent.
• Experience supporting federal agencies or financial regulators, with knowledge of credit union operations.
• Familiarity with tools like Splunk, EnCase, Wireshark, Volatility, or similar for incident investigation.
• Advanced knowledge of cloud security (e.g., AWS, Azure) and endpoint detection/response (EDR) solutions.

This position offers an opportunity to contribute to the stability of the U.S. financial system by protecting credit unions from evolving cyber threats. Qualified candidates are encouraged to apply with a resume highlighting relevant experience and education. Equal Opportunity Employer.
Clearance:
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; ability to obtain a Public Trust clearance or above is required.
Compensation and Benefits
Salary Range: $110,000 - $150,000 (Compensation is determined by various factors, including but not limited to location, work experience, skills, education, certifications, seniority, and business needs. This range may be modified in the future.)

Benefits: Gridiron offers a comprehensive benefits package including medical, dental, vision insurance, HSA, FSA, 401(k), disability & ADD insurance, life and pet insurance to eligible employees. Full-time and part-time employees working at least 30 hours per week on a regular basis are eligible to participate in Gridiron s benefits programs.

Gridiron IT Solutions is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status or disability status.

Gridiron IT is a Women Owned Small Business (WOSB) headquartered in the Washington, D.C. area that supports our clients' missions throughout the United States. Gridiron IT specializes in providing comprehensive IT services tailored to meet the needs of federal agencies. Our capabilities include IT Infrastructure & Cloud Services, Cyber Security, Software Integration & Development, Data Solution & AI, and Enterprise Applications. These capabilities are backed by Gridiron IT's experienced workforce and our commitment to ensuring we meet and exceed our clients' expectations.