Incident Response Team Lead
Agile Defense
About Agile Defense
At Agile Defense we know that action defines the outcome and new challenges require new solutions. That's why we always look to the future and embrace change with an unmovable spirit and the courage to build for what comes next.
Our vision is to bring adaptive innovation to support our nation's most important missions through the seamless integration of advanced technologies, elite minds, and unparalleled agility, leveraging a foundation of speed, flexibility, and ingenuity to strengthen and protect our nation's vital interests.
Requisition #: 1435
Job Title: Incident Response Team Lead
Location: Reston, VA
Clearance Level: TS (SCI Eligible)
Active Certified Information System Security Professional (CISSP)
SUMMARY
Agile Defense is seeking an experienced Cyber Incident Response Team Lead to support an enterprise cybersecurity program that delivers 24/7/365 Cybersecurity Operations Center (SOC) services. The IR team conducts security investigations for potential threat activity identified within the organization, conducts deep-dive forensic investigations (host-based, cloud and network), identifies and implements countermeasures, and tracks and reports on incident activity to USG customers. To support this vital mission, Agile Defense staff are at the forefront of providing Advanced CSOC Operations, including the development of advanced analytics and countermeasures to protect critical assets from various cyber threats. To ensure the integrity, security and resiliency of critical operations, we are seeking candidates with diverse backgrounds in cyber security systems operations, technical analysis and the incident response lifecycle. A strong work ethic, diligent time and attendance, and written and verbal communication skills are a must. The ideal candidate will have a solid understanding of cyber threats and information security in the domains of TTPs, Threat Actors, Campaigns, and Observables. Additionally, the ideal candidate would be familiar with intrusion detection systems, intrusion analysis, security information event management platforms, endpoint threat detection tools, and security operations ticket management.
JOB DUTIES AND RESPONSIBILITIES
Drive the incident response lifecycle to include incident detection, analysis, escalation, and coordinated response across all CSOC functions. Develop and standardize incident response runbooks, playbooks, and communication protocols; ensure proper evidence handling and thorough documentation. Monitor and improve key performance metrics (MTTA/MTTR); capture lessons learned and implement corrective actions to strengthen future response efforts.
QUALIFICATIONS
Required Certifications
Certified Information System Security Professional (CISSP) and
One or more of the following certifications:
GIAC Certified Intrusion Analyst (GCIA); GIAC Certified Incident Handler (GCIH); GIAC Certified Forensic Analyst (GCFA); SANS GIAC Certified Enterprise Defender (GCED); or
Other Information Assurance Technician (IAT) Level III certification in accordance with DoD Directive 8570.1.
Education, Background, and Years of Experience
Bachelor of Science in computer science, engineering, STEM or cybersecurity IT or cyber security (or eight (8) years of relevant work experience in lieu of a degree).
ADDITIONAL SKILLS & QUALIFICATIONS
Required Skills
Five (5) years of progressive professional experience in an incident response role, SOC analyst role with emphasis in cyber security issues, incidents, hunts or digital forensics and operations, and computer incident response lifecycle.
Candidates must also exhibit proficient use of cyber tools, including but not limited to Security Information and Event Management (SIEM), network analysis, live response, endpoint detection and response tools, Intrusion Prevention / Detection Systems (IPS / IDS) and CSOC ticketing platforms.
Preferred Skills
One or more of the following: GCFA, GPEN, GREM, GNFA, GIAC
Familiarity with Cloud environments
WORKING CONDITIONS
Environmental Conditions
Hybrid onsite in Reston, VA
Strength Demands
Physical Requirements
Our Core Values
Employees of Agile Defense are our number one priority, and the importance we place on our culture here is fundamental. Our culture is alive and evolving, but it always stays true to its roots. Here, you are valued as a family member, and we believe that we can accomplish great things together. Agile Defense has been highly successful in the past few years due to our employees and the culture we create together.
What makes us Agile? We call it the 6Hs, the values that define our culture and guide everything we do. Together, these values infuse vibrancy, integrity, and a tireless work ethic into advancing the most important national security and critical civilian missions. It's how we show up every day. It's who we are.
- Happy - Be Infectious. Happiness multiplies and creates a positive and connected environment where motivation and satisfaction have an outsized effect on everything we do.
- Helpful - Be Supportive. Being helpful is the foundation of teamwork, resulting in a supportive atmosphere where collaboration flourishes, and collective success is celebrated.
- Honest - Be Trustworthy. Honesty serves as our compass, ensuring transparent communication and ethical conduct, essential to who we are and the complex domains we support.
- Humble - Be Grounded. Success is not achieved alone; humility ensures a culture of mutual respect, encouraging open communication, and a willingness to learn from one another and take on any task.
- Hungry - Be Eager. Our hunger for excellence drives an insatiable appetite for innovation and continuous improvement, propelling us forward in the face of new and unprecedented challenges.
- Hustle - Be Driven. Hustle is reflected in our relentless work ethic, where we are each committed to going above and beyond to advance the mission and achieve success.
Vacancy posted 2 days ago