Cyber Defense Incident Responder (Advanced)

Req ID: 40973

Summary

Cyber Defense Incident Responder (Advanced)

Arlington, VA

Are you ready to enhance your skills and build your career in a rapidly evolving business climate? Are you looking for a career where professional development is embedded in your employers core culture? If so, Chenega Military, Intelligence & Operations Support (MIOS) could be the place for you! Join our team of professionals who support large-scale government operations by leveraging cutting-edge technology and take your career to the next level!

The Cyber Defense Incident Responder (Advanced) position requires a highly experienced, analytical professional who performs hands-on technical work while guiding and directing senior and mid-level analysts. This role involves advanced threat detection, threat intelligence research, practical application of threat intelligence to operations, developing custom scripts, and understanding complex threat actor techniques used to compromise systems and evade detections. The ideal candidate will have extensive operational experience defending highly secure enclaves, specifically navigating Top Secret/Sensitive Compartmented Information (TS/SCI) and Special Access Program (SAP) networks.

Responsibilities

• Lead a small team of advanced and mid-level security analysts to provide Incident Defense (ID) services for government clients, specifically tailored to the unique security constraints of TS/SCI and SAP environments.

• Serve as the primary technical point of contact for complex threat hunting issues, and mentor new ID team members to grow their skills and operational abilities.

• Engineer advanced detection alerting rules for events reported by endpoints, cloud services, network devices, and other relevant event sources across classified enclaves. This includes utilizing Splunk SPL, Microsoft Kusto Query Language (KQL), Elastic Kibana Query Language, Carbon Black, Snort rules, or other pattern-matching detection tools.

• Proactively research new malware using hunting capabilities on malware repository services (such as VirusTotal) and through established partnerships with other security researchers, ensuring all malware handling adheres to strict classified network protocols.

• Lead targeted phishing campaigns to help educate the workforce on the risks of social engineering and malicious attachments.

• Lead purple and red teaming efforts as directed, conducting adversary emulation relevant to the architecture of highly classified networks.

• Provide critical support to the NOSC and coordinate team schedules to ensure on-call coverage for after-hours, weekends, and holidays.

• Maintain the toolkit utilized by the ID Team. Conduct research analysis on the latest cybersecurity tools, provide rationale to renew or deprecate current tools, and make recommendations for employing new technologies within the enterprise.

• Perform comprehensive research and investigations with little to no oversight to locate information relevant to government requests, communicating findings effectively to clients (typically interfacing with government information security professionals).

• Ensure that all written communication (reports, briefings, and alerts) is professional, high-quality, free of errors, and clearly delivers actionable intelligence.

• Other duties as assigned

Qualifications

• High school diploma or GED equivalent required

• Bachelors degree in computer science, Digital Forensics, or related major with an emphasis on Security preferred

• 6+ years experience in Threat Hunting, Security Research, or Incident Response

• Demonstrated leadership skills, preferably in a formal leadership role

• Scripting experience

• IAT Level II Certification required

• TS/SCI clearance required

Preferred Qualifications:

• Successfully pass background and drug screening

Knowledge, Skills, and Abilities:

• Advanced technical expertise in threat hunting, deep-dive malware analysis, and the operational application of threat intelligence within highly classified (TS/SCI and SAP) network enclaves.

• Demonstrated leadership and industry contribution, recognized as a subject matter expert within the defense or broader information security community for advancing incident response methodologies.

• Proven track record of excellence in leadership, specifically in guiding, mentoring, and directing mid-level and senior information security professionals during active cyber operations and crisis response.

• Government/Client Service Experience: Extensive experience serving as a primary technical liaison, providing Incident Defense (ID) and threat resolution services directly to government stakeholders and technical clients.

• Security Engineering & Architecture: Knowledge of planning, designing, and implementing robust security controls, detection rules, and defensive systems tailored to secure network architectures.

• Adversary Emulation: Skill in executing red team or purple team adversary simulations to test and validate defensive postures against Advanced Persistent Threats (APTs).

• Technical Mentorship: Experience teaching, mentoring, and guiding junior and mid-level analysts in advanced digital forensics and malware analysis techniques.

• Advanced Forensics: Deep technical understanding of host and network-based forensic analysis techniques, with the ability to accurately interpret complex artifacts and maintain data integrity during investigations.

• Malware & Script Analysis: High-level skill in reverse-engineering and analyzing obfuscated, malicious scripts (e.g., PowerShell, VBA, JavaScript, .NET) utilized by sophisticated threat actors.

• Superior Research Capabilities: Exceptional technical analysis and research skills, capable of proactively identifying novel threats and vulnerabilities.

• Executive Communication: Excellent written and verbal communication skills, capable of producing high-quality, error-free incident reports and briefings suitable for government leadership.

• Technical Translation: Ability to clearly explain highly complex cybersecurity incidents, TTPs, and risks to both technical peers and non-technical decision-makers.

• Project & Case Management: Proven ability to independently manage multiple complex incident investigations or research projects simultaneously, demonstrating high accountability, personal initiative, and integrity.

• Crisis Management: Ability to take ownership during high-stress cyber incidents, rapidly set triage priorities, multitask effectively, and meet tight government reporting deadlines.

• Collaboration: Well-developed problem-solving and interpersonal skills to facilitate seamless coordination with Network Operations and Security Centers (NOSCs), intelligence teams, and external partners.

• Attention to Detail: Excellent organizational skills with acute attention to detail, critical for maintaining chain-of-custody, accurate incident logging, and operating within strict SAP compliance frameworks.

How youll grow

At Chenega MIOS, our professional development plan focuses on helping our team members at every level of their careers to identify and use their strengths to do their best work every day. From entry-level employees to senior leaders, we believe theres always room to learn.

We offer opportunities to help sharpen skills in addition to hands-on experience in the global, fast-changing business world. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their careers.

Benefits

At Chenega MIOS, we know that great people make a great organization. We value our team members and offer them a broad range of benefits.

Learn more about what working at Chenega MIOS can mean for you.

Chenega MIOSs culture

Our positive and supportive culture encourages our team members to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them be healthy, centered, confident, and aware. We offer well-being programs and continuously look for new ways to maintain a culture where we excel and lead healthy, happy lives.

Corporate citizenship

Chenega MIOS is led by a purpose to make an impact that matters. This purpose defines who we are and extends to relationships with our clients, our team members, and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities.

Learn more about Chenegas impact on the world.

Chenega MIOS News-

Tips from your Talent Acquisition Team

We want job seekers exploring opportunities at Chenega MIOS to feel prepared and confident. To help you with your research, we suggest you review the following links:

Chenega MIOS web site -

Glassdoor -

LinkedIn -

Facebook -

Chenega Corporation and family of companies is an EOE.

Equal Opportunity Employer/Veterans/Disabled

Native preference under PL 93-638.

We participate in the E-Verify Employment Verification Program