Incident Response Expert / Cyber Eviction Analyst

Job Description

Job Description

Incident Response Expert / Cyber Eviction Analyst

Location: Arlington, VA

Must have an active Top Secret Security Clearance

Node.Digital is an innovative minority-owned solutions and services company specializing in AI & Automation. We combine proprietary agile development services with next-generation technology to create seamless customer experiences, driving digitalization and automation across industries. Our mission is to blend story, strategy, and technology to deliver frictionless multichannel user experiences.

As an Incident Response Expert / Cyber Eviction Analyst, you will play a critical role in protecting our clients' digital assets and infrastructure. You will serve as a subject matter expert in cyber incident response, applying deep knowledge of threat actor tools, techniques, and procedures to identify, contain, and eradicate threats. Your expertise will help shape technical objectives, develop creative solutions, and guide incident response teams in high-stakes environments.

Key responsibilities include:

• Serving as a hunt and incident response subject matter expert, providing technical direction and alternatives to response teams
• Applying deep knowledge of threat actor tools, techniques, and procedures (TTPs) to complex incident response challenges
• Producing executive summaries and detailed technical reports for stakeholders
• Conducting expert analysis and research on hunt and incident response problems with broad direction
• Setting technical objectives and developing creative solutions to complex security issues
• Analyzing incident data and victim environments to recommend targeted mitigations
• Advising on countermeasure implementation and customization
• Supporting containment and eradication missions
• Documenting analysis in a standardized knowledge base and maintaining process/procedure documentation
• Guiding completion of hunt and incident response activities across multiple environments

Requirements

Required Qualifications:

• Bachelor’s degree in Computer Science, Cyber Security, Computer Engineering, or a related field; or a high school diploma with 10+ years of technical experience
• 8+ years of cyber incident response experience, including threat hunting, containment, and eradication
• Proficiency administering and investigating on both Linux/Unix and Windows systems
• Hands-on experience using Splunk as a SIEM for incident response or threat hunting
• Strong understanding of network architecture, network security concepts, and attack stages/classes
• Incident response experience across on-premises, cloud environments, and Windows Active Directory
• Meets DoD 8140.01 certification requirements at IAT II, IASAE II, or CSSP Analyst level
• U.S. citizen with an active TS/SCI clearance and ability to obtain DHS suitability
• Ability to travel domestically on short notice (~25%)
• Experience producing executive summaries and detailed technical incident response reports

Preferred Qualifications:

• Holds at least one of the following certifications: GCIA, GCIH, CEH, or GIAC GNFA
• Experience with leadership or mentoring in incident response teams
• Familiarity with CND policies and procedures
• Knowledge of threat environments, network/system administration, and IAM tools
• Experience with enterprise architecture security review and defense-in-depth strategies
• Expertise in host and network intrusion detection, event correlation, and malicious activity analysis
• Strong collaboration skills with stakeholders across multiple locations

Benefits

We are proud to offer competitive compensation and benefits packages to include:

• Medical
• Dental
• Vision
• Basic Life
• Long-Term Disability
• Health Saving Account
• 401K
• Three weeks of PTO
• 10 Paid Holidays
• Pre-Approved Online Training