Cyber Defense Incident Responder (Tier 2)

Description RMC is hiring a dedicated Cyber Defense Incident Responder (Tier 2) to provide 24/7/365 cybersecurity monitoring and detection for the government enterprise network. In this role, you will be responsible for conducting in‑depth cyber investigations and responding to incidents across the enterprise network. This critical position involves working with advanced tools, engaging with global stakeholders, and ensuring the network's security and operational integrity. It is a fast‑paced, high‑impact role in a mission‑critical environment. Investigate Cyber Incidents: Perform in‑depth analysis of network and host artifacts (e.g., logs, system images, packet captures) to identify root causes, operational impacts, and enable rapid remediation of threats. Incident Triage: Assess the scope, urgency, and potential impact of incidents, identify vulnerabilities, and recommend effective mitigation strategies. Incident Management: Manage incidents from detection to resolution, documenting actions and outcomes in compliance with DoD Cyber Incident Handling Program (CJCSM 6510.01B). Forensics and Threat Analysis: Conduct real‑time forensic collections, intrusion correlation, threat analysis, and direct system remediation tasks. Collaboration: Work closely with subordinate organizations, law enforcement, and counterintelligence teams on high‑profile incidents and insider threat investigations. Documentation and Training: Update incident response tactics, techniques, and procedures annually, and deliver quarterly training sessions to enhance team readiness. Red Team Interaction: Collaborate with Red Teams to validate and enhance incident response capabilities through realistic penetration testing exercises. Quality Assurance: Maintain high standards in incident response, ensuring consistent quality and efficiency as assessed by government‑defined metrics. Requirements Clearance: Must obtain and maintain an active Top Secret security clearance with SCI eligibility. Can begin this position with verification of adjudicated Secret clearance eligibility. Education and Certification: DODD 8570 IAT Level II Certification DODD 8570 CSSP Incident Responder Certification Experience: At least 2+ years in cybersecurity, with hands‑on experience in incident response or related roles. Familiarity with tools such as Tanium, Elastic/Kibana, and Microsoft Defender for Endpoint. Strong understanding of the DoD environment and cybersecurity frameworks. Skills: Expertise in forensic analysis, threat hunting, and vulnerability assessment. Excellent problem‑solving abilities and attention to detail. Strong communication skills for interacting with technical teams, leadership, and external stakeholders. This position is considered essential and will be required to report during hazardous weather, power outages, fuel shortages, pandemics, and other emergencies. This position covers 24x7x365, 12‑hour shifts (Su‑Tu alternate Wednesdays, and alternate Wed‑Th‑Sa). The applicant is likely to start on a night shift that covers the 12‑hour period from 7pm to 7am. Benefits Salary range: $120,000 to $130,000 annually. Paid vacation and 11 federal holidays. Low‑deductible healthcare plans, pet insurance, and 401(k) package. Tuition assistance and certifications. #J-18808-Ljbffr Koitecc Solutions