This hybrid remote position is onsite as needed in Arlington, VA.

Must be local to VA, DC, and MD states

Due to Federal Governement Security Clearance Requirments: U.S. Citizenship

Incident Response Manager

Do you thrive in fast-paced environments and enjoy leading the charge against cyber threats? If so, we want you on our team!

We are seeking a highly motivated and experienced Incident Response Manager to join our Security Operations Center (SOC) team. In this critical role, you will be responsible for overseeing all aspects of our incident response program, from preparation and identification to containment, eradication, and recovery. You will leverage your deep understanding of cyber threats and incident response best practices to lead our team in effectively mitigating security incidents and minimizing their impact on our organization.

Responsibilities:

• Lead the development, implementation, and continuous improvement of our incident response program, ensuring alignment with industry best practices (e.g., NIST CSF)

• Oversee the incident response lifecycle, including identification, triage, containment, eradication, recovery, and post-incident review

• Manage and mentor a team of security analysts, providing guidance and ensuring adherence to established policies and procedures

• Conduct thorough investigations to determine the root cause of security incidents and identify potential vulnerabilities

• Coordinate with internal stakeholders (IT, legal, communications) and external parties (law enforcement, forensics investigators) as needed

• Analyze threat intelligence and identify emerging threats and vulnerabilities

• Maintain detailed documentation of all security incidents and response activities

• Regularly review and update incident response playbooks and procedures

• Train team members on incident response best practices and tools

• Report on security incidents to senior management and stakeholders

Qualifications:

• Bachelor's degree in Cybersecurity, Information Technology, or a related field (Master's degree a plus)

• Minimum 3-5 years of experience in security operations, with a focus on incident response

• Proven experience leading and managing a security team

• In-depth knowledge of incident response frameworks and methodologies (e.g., NIST CSF, SANS IR)

• Strong understanding of cyber threats, vulnerabilities, and attack vectors

• Excellent analytical and problem-solving skills

• Effective communication and collaboration skills

• Ability to work independently and as part of a team in a fast-paced environment

• Experience with security information and event management (SIEM) tools