Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

SOC / Incident Response Lead

$110k - $130k

Development InfoStructure

Job Description

Job Description

Company Overview
Development InfoStructure LLC., (Devis) is a leading provider of innovative software development, management, and consulting services, specializing in cutting-edge technologies such as DevSecOps, AI, and Machine Learning. With over 30 years of experience, we have established ourselves as a trusted partner for government agencies, delivering tailored, mission-critical solutions that drive digital transformation and operational excellence. Our client-centric approach, coupled with our deep domain expertise and technical prowess, enables us to forge enduring relationships and consistently deliver high-impact, adaptive solutions that resonate with the unique needs of the public sector.

Job Overview
The SOC / Incident Response Lead serves as the operational leader for 24x7x365 security monitoring and incident response under the Information Security Program Support Services (ISPSS) effort supporting the NIH Office of the Director, Office of Information Technology (OD OIT), responsible for leading Tier 1 detection and triage and Tier 2/3 forensics, threat hunting, and cyber threat intelligence across the NIH/OD-OIT managed environment. This role drives execution across incident detection, triage, investigation of suspected intrusions within 30 minutes, containment and recovery, digital forensics (NIST SP 800-86), malware analysis, and incident reporting in close coordination with NIH/OD OIT leadership and enterprise cybersecurity organizations.

This is a full-time position with work performed primarily offsite, though travel to NIH/OD facilities in the Bethesda, MD area will be required on an as-needed basis. Core hours are Monday-Friday, 7:00 AM - 6:00 PM EST, and after-hours support for emergency incidents will be required as needed by NIH/OD. Position is contingent upon award and client approval.

Primary Duties
Lead 24x7 Security Operations
  • Direct real-time, 24x7x365 security log collection, monitoring, alerting, and event analysis across the OIT-managed environment
  • Perform incident triage on all incidents to determine scope, urgency, and operational impact
  • Investigate suspected intrusions and suspicious activity within 30 minutes of detection
  • Ensure accurate, consistent incident categorization and ticketing
Direct Incident Response & Forensics
  • Lead detection, triage, analysis, containment, eradication, recovery, and post-incident reporting
  • Oversee Tier 2/3 digital forensics, evidence preservation, and chain of custody compliant with NIST SP 800-86
  • Conduct malware analysis, reverse engineering, and analysis of suspicious websites, emails, and payloads
  • Deliver Security Incident Tickets/Reports within 1 hour of detection and Incident Response After Action Reports
Advance Threat Hunting & Intelligence
  • Lead Advanced Persistent Threat (APT) hunting across the managed environment
  • Operate an active Cyber Threat Intelligence (CTI) program to collect, correlate, and disseminate relevant intelligence and IOCs
  • Support collaboration with OCIO threat intelligence / Fusion Center activities
Strengthen the SOC
  • Provide engineering support to the SOC and Incident Response Team and ensure proper configuration of SOC-managed tools and agents
  • Lead annual incident response tabletop exercises and implement lessons learned
  • Produce the Monthly Forensic Activity Summary and related metrics

Required Qualifications

Education & Experience

  • Bachelor’s degree in Computer Science, Cybersecurity, Information Systems, or a related field (or equivalent experience)
  • Minimum 7 years in security operations / incident response, including SOC team leadership
  • Demonstrated experience with digital forensics, malware analysis, and threat hunting in enterprise environments
Required Certifications
  • One or more incident response/forensics certifications: GCIH, GCIA, or GCFA (or comparable)
  • CISSP strongly preferred
Technical Skills
  • Hands-on expertise with SIEM, EDR, and IDS/IPS platforms and security log analysis
  • Forensic tooling and evidence handling consistent with NIST SP 800-86 and Federal Rules of Evidence
  • Familiarity with US-CERT incident notification guidelines and federal reporting timelines
Leadership Capabilities
  • Calm, decisive leadership during active incidents and crisis coordination
  • Strong written reporting and clear escalation communication
Preferred Qualifications
  • Experience supporting NIH/HHS or other federal SOC operations
  • Cloud monitoring/IR experience (e.g., Azure, AWS)
  • Experience standing up or maturing CTI programs
Clearance
  • Must be able to obtain and maintain the NIH/OD/OIT required clearance level and complete all suitability/onboarding requirements
Salary Range
  • $110,000 - $130,000

Devis is an AA/EOE/M/F/Disabled/VET Employer committed to providing equal employment opportunity without regard to an individual’s race, color, religion, age, gender, sexual orientation, veteran status, national origin or disability.

Powered by JazzHR

uMt8iAMGSu

Vacancy posted 7 days ago
Similar jobs that could be interesting for youBased on the SOC / Incident Response Lead in Bethesda, MD vacancy
  •  ...A leading consulting firm is seeking a Security Operations Lead to oversee SOC functions and manage a team of Analysts and Engineers in Washington, DC. The ideal...  ...cybersecurity experience with specific expertise in incident response, threat hunting, and SIEM technologies like... 
    Suggested

    Accenture

    Washington DC
    18 hours ago
  • $110k - $130k

     ...Company Overview Development InfoStructure LLC., (Devis) is a leading provider of innovative software development, management,...  ...unique needs of the public sector. Job Overview The SOC / Incident Response Lead serves as the operational leader for 24x7x365 security... 
    Suggested
    Full time
    Work at office
    Monday to Friday

    Development InfoStructure

    Bethesda, MD
    7 days ago
  • Tetrad Digital Integrity (TDI) is looking for a Senior Incident Response Analyst to support government cybersecurity efforts. Your role will involve leading incident response, analyzing security events, and improving detection technologies. With 12-15 years of experience... 
    Suggested

    TDI (Tetrad Digital Integrity)

    Arlington, VA
    1 day ago
  •  ...Time/Part-Time Full-Time Description RiVidium is seeking an Incident Response Lead to support our planned MODES III team supporting Military Community...  ...and post-incident follow-up activities. Coordinate with SOC, engineering, and program leadership to maintain response... 
    Suggested
    Full time
    Contract work
    Part time
    Shift work
    Night shift

    Rividium Inc

    Alexandria, VA
    4 days ago
  • $116.9k - $243.1k

     ...Overview We are hiring a CIRT Lead to manage 24x7x365 front‑line defense against cyber incidents. You will oversee the full lifecycle...  ...’s security posture. Key Responsibilities Lead CIRT operations in...  ...incident response Manage all SOC investigations, including misuse... 
    Suggested
    Live in
    Work at office
    Local area

    Accenture

    Arlington, VA
    18 hours ago
  • $130k - $170k

     ...technical position focuses on advanced threat detection, incident response, and forensic analysis within a SOC environment. Candidates should have a Bachelor’s in...  ...and cyber forensics. Responsibilities include leading investigations, mentoring junior analysts, and integrating... 

    ActioNet, Inc.

    Rockville, MD
    4 days ago
  •  ...EmergencyMD is seeking a Lead Incident Responder for a potential government client. This role will involve leading incident response operations, managing complex threats, and ensuring compliance with federal cybersecurity frameworks. The candidate must have a Bachelor’... 

    EmergencyMD

    Washington DC
    1 day ago
  •  ...We have a new and exciting role available within our Cyber Security division for an Incident Response Engagement Lead in the United States. S-RM is a global intelligence and cybersecurity consultancy. Since 2005, we’ve helped some of the most demanding clients in the world... 
    Immediate start
    Flexible hours

    S-RM Intelligence and Risk Consulting

    Washington DC
    1 day ago
  •  ...Incident Response Lead ShorePoint is a fast-growing, industry recognized and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data... 
    Contract work

    Navstar

    Washington DC
    3 days ago
  •  ...DESCRIPTION As a Technology Support Lead at JPMorganChase within the Cybersecurity & Technology Controls Incident Management & Response team, you will serve as a critical member...  ...Center (GICC) and Security Operations Center (SOC), providing 24/7 support for incident... 

    J.P. Morgan

    Washington DC
    9 days ago
  • Itlearn360 is seeking a SOC Security Analyst L3 to work from its College Park, Maryland office for four days a week. This role is vital...  ...threats faced by global customers. You'll analyze alerts, lead investigations, and mentor junior analysts while contributing to... 
    Work at office

    Itlearn360

    College Park, MD
    1 day ago
  • $310k - $375k

    Colorwave is seeking an Incident Response Manager in Washington, DC. In this role, you will own the operational response processes of the Safeguards team, ensuring effective handling of incidents and escalations across various departments. The ideal candidate will have... 
    Visa sponsorship

    Colorwave

    Washington DC
    4 days ago
  • $207k - $301k

    Google is seeking a Security Engineer in Washington D.C. You will be responsible for managing incident response operations and forensics while collaborating with software engineers to fix vulnerabilities. You should have a Bachelor's degree and substantial experience in... 

    Google

    Washington DC
    4 days ago
  • $100k - $120k

    Bering Straits Native Corporation is seeking a Sr. Cybersecurity Incident Response Specialist in Washington, DC. This role involves monitoring cyber threats and ensuring the security of networks and systems. The ideal candidate should have a deep understanding of cybersecurity... 

    Bering Straits Native Corporation

    Washington DC
    1 day ago
  • A dynamic Woman Owned Small Business is seeking a Senior Incident Response Coordinator for their Program Management and Cyber Support Services project in Arlington, Virginia. The role entails coordinating cyber incident responses, managing stakeholder communications, and... 

    Zantech

    Arlington, VA
    1 day ago
  • Kapili Services, LLC is seeking an Incident Responder/Incident Response Coordinator to offer support for government clients in Arlington, VA. The ideal candidate will have a four year degree in information technology and a minimum of eight years of relevant experience... 

    Kapili Services, LLC

    Arlington, VA
    4 days ago
  • $116.9k - $243.1k

    A leading technology firm is seeking a CIRT Lead in Arlington, Virginia. This role involves managing 24x7 cyber incident response and overseeing the entire investigation lifecycle, while enhancing the client’s security posture. Candidates should have over 5 years in cybersecurity... 

    Accenture

    Arlington, VA
    18 hours ago
  • cFocus Software seeks a Incident Response Lead to join our program supporting the National Institutes of Health (NIH). This position is fully remote. This position requires a Public Trust or the ability to obtain a public trust clearance. Qualifications: ~ Public... 
    Full time
    Remote work

    cFocus Software Incorporated

    Bethesda, MD
    9 days ago
  • Tyto Athene, LLC in Washington is searching for a Tier 3 Digital Forensics and Incident Response Analyst. In this role, you will lead cross-functional teams in analyzing major cybersecurity incidents and serve as the primary contact for escalation issues. The ideal candidate... 

    Tyto Athene, LLC

    Washington DC
    1 day ago
  • $131.3k - $237.35k

    Leidos is seeking a Senior Incident Response Analyst in Bethesda, Maryland to support the DHS CISA Program. The role involves coordinating incident investigations, analyzing cyber incidents, and developing response procedures. A bachelor's degree in Computer Science or... 

    Leidos

    Bethesda, MD
    5 days ago
  •  ...seeking a hands-on technical leader for its Cyber Investigation and Forensic Response practice in Arlington, Virginia. This role involves conducting complex forensic analyses, leading incident response efforts, and mentoring junior investigators. The ideal candidate has... 

    Accenture

    Arlington, VA
    1 day ago
  •  ...seeking a Cyber Eviction Analyst to support critical customer missions. This role requires serving as a subject matter expert in incident response and analyzing cybersecurity incidents. The ideal candidate has a Bachelor’s degree and 8+ years of relevant experience, along... 

    Insight Global

    Arlington, VA
    2 days ago
  • $195k - $205k

     ...IT operations, ensuring compliance with DoD standards, and leading a team in providing technical support. Key responsibilities include preparing Monthly IPRs, ensuring COOP compliance, and managing incidents efficiently. The ideal candidate will have a Bachelor’s degree... 

    Akima

    Alexandria, VA
    1 day ago
  •  ...Forensics Analyst to provide advanced technical support for cybersecurity incidents. This position requires US citizenship, TS/SCI clearance, and strong skills in cyber forensics and incident response. The candidate will oversee teams, assist in investigations, and write... 
    For contractors

    NewGen Technologies

    Arlington, VA
    2 days ago
  •  ...requires leadership in cybersecurity operations, particularly in continuous monitoring and diagnostics, threat assessment, and incident response management. Qualified applicants must have extensive experience equivalent to GS-13 and a proven track record in selecting and... 

    US Export-Import Bank of the United States

    Washington DC
    3 days ago
  •  ...Overview: We are seeking a highly skilled Lead Incident Responder to manage and maintain...  ...experience in risk management, incident response, and vulnerability assessment within a government...  ...(OCFO). Security Operations Center (SOC) Tools Management: Set up and optimize... 
    Contract work
    For contractors
    Work at office
    Local area

    DirectViz Solutions

    Washington DC
    5 days ago
  •  ...Evolver Federal is seeking a Lead Incident Responder to fulfill a requirement for a potential...  ...accountability for day-to-day incident response operations, providing leadership and direction...  ...include coordinating with SOC teams, ISSOs, and AOs, integrating threat... 
    Contract work
    Flexible hours

    Evolver

    Washington DC
    3 days ago
  •  ...seeking a highly skilled and mission-focused SOC Lead to oversee the daily operations of the...  ...for stakeholders at all levels. Key Responsibilities Lead, mentor, and manage SOC analysts...  ...analysis, and response to cybersecurity incidents, serving as the escalation point for... 
    Contract work
    For contractors

    Powder River Industries LLC

    Washington DC
    1 day ago
  •  ...is looking for a CSOC Tier 2 Analyst to oversee the Tier 2 team in Rockville, MD. This vital role involves leading security analysts and managing security incidents effectively within a cybersecurity environment. The ideal candidate should have 5+ years of experience, a... 

    EmergencyMD

    Rockville, MD
    2 days ago
  • KellyMitchell Group is seeking a Vulnerability Management Team Lead in Bethesda, Maryland. In this role, you will lead a team to develop and execute a comprehensive vulnerability management program, overseeing daily operations and coordinating with various stakeholders... 

    KellyMitchell Group

    Bethesda, MD
    4 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to SOC / Incident Response Lead. Be the first to apply!