SOC / Incident Response Lead
$110k - $130kDevelopment InfoStructure
Job Description
Job Description
Company Overview
Development InfoStructure LLC., (Devis) is a leading provider of innovative software development, management, and consulting services, specializing in cutting-edge technologies such as DevSecOps, AI, and Machine Learning. With over 30 years of experience, we have established ourselves as a trusted partner for government agencies, delivering tailored, mission-critical solutions that drive digital transformation and operational excellence. Our client-centric approach, coupled with our deep domain expertise and technical prowess, enables us to forge enduring relationships and consistently deliver high-impact, adaptive solutions that resonate with the unique needs of the public sector.
The SOC / Incident Response Lead serves as the operational leader for 24x7x365 security monitoring and incident response under the Information Security Program Support Services (ISPSS) effort supporting the NIH Office of the Director, Office of Information Technology (OD OIT), responsible for leading Tier 1 detection and triage and Tier 2/3 forensics, threat hunting, and cyber threat intelligence across the NIH/OD-OIT managed environment. This role drives execution across incident detection, triage, investigation of suspected intrusions within 30 minutes, containment and recovery, digital forensics (NIST SP 800-86), malware analysis, and incident reporting in close coordination with NIH/OD OIT leadership and enterprise cybersecurity organizations. This is a full-time position with work performed primarily offsite, though travel to NIH/OD facilities in the Bethesda, MD area will be required on an as-needed basis. Core hours are Monday-Friday, 7:00 AM - 6:00 PM EST, and after-hours support for emergency incidents will be required as needed by NIH/OD. Position is contingent upon award and client approval. Primary Duties
Lead 24x7 Security Operations
- Direct real-time, 24x7x365 security log collection, monitoring, alerting, and event analysis across the OIT-managed environment
- Perform incident triage on all incidents to determine scope, urgency, and operational impact
- Investigate suspected intrusions and suspicious activity within 30 minutes of detection
- Ensure accurate, consistent incident categorization and ticketing
- Lead detection, triage, analysis, containment, eradication, recovery, and post-incident reporting
- Oversee Tier 2/3 digital forensics, evidence preservation, and chain of custody compliant with NIST SP 800-86
- Conduct malware analysis, reverse engineering, and analysis of suspicious websites, emails, and payloads
- Deliver Security Incident Tickets/Reports within 1 hour of detection and Incident Response After Action Reports
- Lead Advanced Persistent Threat (APT) hunting across the managed environment
- Operate an active Cyber Threat Intelligence (CTI) program to collect, correlate, and disseminate relevant intelligence and IOCs
- Support collaboration with OCIO threat intelligence / Fusion Center activities
- Provide engineering support to the SOC and Incident Response Team and ensure proper configuration of SOC-managed tools and agents
- Lead annual incident response tabletop exercises and implement lessons learned
- Produce the Monthly Forensic Activity Summary and related metrics
Required Qualifications
Education & Experience
- Bachelor’s degree in Computer Science, Cybersecurity, Information Systems, or a related field (or equivalent experience)
- Minimum 7 years in security operations / incident response, including SOC team leadership
- Demonstrated experience with digital forensics, malware analysis, and threat hunting in enterprise environments
- One or more incident response/forensics certifications: GCIH, GCIA, or GCFA (or comparable)
- CISSP strongly preferred
- Hands-on expertise with SIEM, EDR, and IDS/IPS platforms and security log analysis
- Forensic tooling and evidence handling consistent with NIST SP 800-86 and Federal Rules of Evidence
- Familiarity with US-CERT incident notification guidelines and federal reporting timelines
- Calm, decisive leadership during active incidents and crisis coordination
- Strong written reporting and clear escalation communication
- Experience supporting NIH/HHS or other federal SOC operations
- Cloud monitoring/IR experience (e.g., Azure, AWS)
- Experience standing up or maturing CTI programs
- Must be able to obtain and maintain the NIH/OD/OIT required clearance level and complete all suitability/onboarding requirements
- $110,000 - $130,000
Devis is an AA/EOE/M/F/Disabled/VET Employer committed to providing equal employment opportunity without regard to an individual’s race, color, religion, age, gender, sexual orientation, veteran status, national origin or disability.
Powered by JazzHR
uMt8iAMGSu
- ...A leading consulting firm is seeking a Security Operations Lead to oversee SOC functions and manage a team of Analysts and Engineers in Washington, DC. The ideal... ...cybersecurity experience with specific expertise in incident response, threat hunting, and SIEM technologies like...Suggested
$110k - $130k
...Company Overview Development InfoStructure LLC., (Devis) is a leading provider of innovative software development, management,... ...unique needs of the public sector. Job Overview The SOC / Incident Response Lead serves as the operational leader for 24x7x365 security...SuggestedFull timeWork at officeMonday to Friday- Tetrad Digital Integrity (TDI) is looking for a Senior Incident Response Analyst to support government cybersecurity efforts. Your role will involve leading incident response, analyzing security events, and improving detection technologies. With 12-15 years of experience...Suggested
- ...Time/Part-Time Full-Time Description RiVidium is seeking an Incident Response Lead to support our planned MODES III team supporting Military Community... ...and post-incident follow-up activities. Coordinate with SOC, engineering, and program leadership to maintain response...SuggestedFull timeContract workPart timeShift workNight shift
$116.9k - $243.1k
...Overview We are hiring a CIRT Lead to manage 24x7x365 front‑line defense against cyber incidents. You will oversee the full lifecycle... ...’s security posture. Key Responsibilities Lead CIRT operations in... ...incident response Manage all SOC investigations, including misuse...SuggestedLive inWork at officeLocal area$130k - $170k
...technical position focuses on advanced threat detection, incident response, and forensic analysis within a SOC environment. Candidates should have a Bachelor’s in... ...and cyber forensics. Responsibilities include leading investigations, mentoring junior analysts, and integrating...- ...EmergencyMD is seeking a Lead Incident Responder for a potential government client. This role will involve leading incident response operations, managing complex threats, and ensuring compliance with federal cybersecurity frameworks. The candidate must have a Bachelor’...
- ...We have a new and exciting role available within our Cyber Security division for an Incident Response Engagement Lead in the United States. S-RM is a global intelligence and cybersecurity consultancy. Since 2005, we’ve helped some of the most demanding clients in the world...Immediate startFlexible hours
- ...Incident Response Lead ShorePoint is a fast-growing, industry recognized and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data...Contract work
- ...DESCRIPTION As a Technology Support Lead at JPMorganChase within the Cybersecurity & Technology Controls Incident Management & Response team, you will serve as a critical member... ...Center (GICC) and Security Operations Center (SOC), providing 24/7 support for incident...
- Itlearn360 is seeking a SOC Security Analyst L3 to work from its College Park, Maryland office for four days a week. This role is vital... ...threats faced by global customers. You'll analyze alerts, lead investigations, and mentor junior analysts while contributing to...Work at office
$310k - $375k
Colorwave is seeking an Incident Response Manager in Washington, DC. In this role, you will own the operational response processes of the Safeguards team, ensuring effective handling of incidents and escalations across various departments. The ideal candidate will have...Visa sponsorship$207k - $301k
Google is seeking a Security Engineer in Washington D.C. You will be responsible for managing incident response operations and forensics while collaborating with software engineers to fix vulnerabilities. You should have a Bachelor's degree and substantial experience in...$100k - $120k
Bering Straits Native Corporation is seeking a Sr. Cybersecurity Incident Response Specialist in Washington, DC. This role involves monitoring cyber threats and ensuring the security of networks and systems. The ideal candidate should have a deep understanding of cybersecurity...- A dynamic Woman Owned Small Business is seeking a Senior Incident Response Coordinator for their Program Management and Cyber Support Services project in Arlington, Virginia. The role entails coordinating cyber incident responses, managing stakeholder communications, and...
- Kapili Services, LLC is seeking an Incident Responder/Incident Response Coordinator to offer support for government clients in Arlington, VA. The ideal candidate will have a four year degree in information technology and a minimum of eight years of relevant experience...
$116.9k - $243.1k
A leading technology firm is seeking a CIRT Lead in Arlington, Virginia. This role involves managing 24x7 cyber incident response and overseeing the entire investigation lifecycle, while enhancing the client’s security posture. Candidates should have over 5 years in cybersecurity...- cFocus Software seeks a Incident Response Lead to join our program supporting the National Institutes of Health (NIH). This position is fully remote. This position requires a Public Trust or the ability to obtain a public trust clearance. Qualifications: ~ Public...Full timeRemote work
- Tyto Athene, LLC in Washington is searching for a Tier 3 Digital Forensics and Incident Response Analyst. In this role, you will lead cross-functional teams in analyzing major cybersecurity incidents and serve as the primary contact for escalation issues. The ideal candidate...
$131.3k - $237.35k
Leidos is seeking a Senior Incident Response Analyst in Bethesda, Maryland to support the DHS CISA Program. The role involves coordinating incident investigations, analyzing cyber incidents, and developing response procedures. A bachelor's degree in Computer Science or...- ...seeking a hands-on technical leader for its Cyber Investigation and Forensic Response practice in Arlington, Virginia. This role involves conducting complex forensic analyses, leading incident response efforts, and mentoring junior investigators. The ideal candidate has...
- ...seeking a Cyber Eviction Analyst to support critical customer missions. This role requires serving as a subject matter expert in incident response and analyzing cybersecurity incidents. The ideal candidate has a Bachelor’s degree and 8+ years of relevant experience, along...
$195k - $205k
...IT operations, ensuring compliance with DoD standards, and leading a team in providing technical support. Key responsibilities include preparing Monthly IPRs, ensuring COOP compliance, and managing incidents efficiently. The ideal candidate will have a Bachelor’s degree...- ...Forensics Analyst to provide advanced technical support for cybersecurity incidents. This position requires US citizenship, TS/SCI clearance, and strong skills in cyber forensics and incident response. The candidate will oversee teams, assist in investigations, and write...For contractors
- ...requires leadership in cybersecurity operations, particularly in continuous monitoring and diagnostics, threat assessment, and incident response management. Qualified applicants must have extensive experience equivalent to GS-13 and a proven track record in selecting and...
- ...Overview: We are seeking a highly skilled Lead Incident Responder to manage and maintain... ...experience in risk management, incident response, and vulnerability assessment within a government... ...(OCFO). Security Operations Center (SOC) Tools Management: Set up and optimize...Contract workFor contractorsWork at officeLocal area
- ...Evolver Federal is seeking a Lead Incident Responder to fulfill a requirement for a potential... ...accountability for day-to-day incident response operations, providing leadership and direction... ...include coordinating with SOC teams, ISSOs, and AOs, integrating threat...Contract workFlexible hours
- ...seeking a highly skilled and mission-focused SOC Lead to oversee the daily operations of the... ...for stakeholders at all levels. Key Responsibilities Lead, mentor, and manage SOC analysts... ...analysis, and response to cybersecurity incidents, serving as the escalation point for...Contract workFor contractors
- ...is looking for a CSOC Tier 2 Analyst to oversee the Tier 2 team in Rockville, MD. This vital role involves leading security analysts and managing security incidents effectively within a cybersecurity environment. The ideal candidate should have 5+ years of experience, a...
- KellyMitchell Group is seeking a Vulnerability Management Team Lead in Bethesda, Maryland. In this role, you will lead a team to develop and execute a comprehensive vulnerability management program, overseeing daily operations and coordinating with various stakeholders...
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to SOC / Incident Response Lead. Be the first to apply!


