Incident Responder
cFocus Software Incorporated
Position Overview
The Incident Responder supports the Administrative Office of the U.S. Courts (AOUSC) by delivering advanced cybersecurity incident response and threat hunting services across both cloud and on-premises environments. This role focuses on identifying, analyzing, and mitigating sophisticated cyber threats while strengthening detection capabilities and improving overall security posture.
Key Responsibilities
Provide incident response support for declared security incidents and proactively hunt for threats not detected through automated systems
Conduct counterintelligence activities, develop Threat Actor (TA) dossiers, and identify adversary tactics, techniques, and procedures (TTPs)
Analyze SIEM alerts and security events to determine risk, impact, and appropriate response actions
Collect and analyze forensic data from compromised systems using EDR tools and custom scripts
Track and document incidents from initial detection through final resolution
Respond to government technical requests via ITSM platforms (e.g., HEAT, ServiceNow)
Perform malware triage and root cause analysis
Review open-source intelligence for emerging threats and adversary activity
Collaborate with court IT personnel to troubleshoot and resolve endpoint detection issues
Participate in after-action reviews and provide recommendations for improving security posture
Attend Agile Scrum standups and report on assigned Jira tasks
Review SOC incident reports and recommend enhancements, escalations, or re-evaluations
Required Qualifications
Minimum of 5 years of experience in incident response across cloud and on-premises environments, including:
Microsoft Azure
Microsoft O365
Microsoft Active Directory
Zscaler
Minimum of 5 years of experience using Splunk Enterprise Security for incident response
Minimum of 5 years of experience collecting and analyzing host data using:
EDR tools (CrowdStrike, Qualys)
Custom scripts working against host telemetry sources (e.g., Sysmon on Windows, auditd on Linux)
Experience with the following tools and technologies:
Microsoft Sentinel (threat hunting in Azure)
Tenable Nessus and SYN/ACK (vulnerability management)
NetScout (network traffic analysis)
Spur.us (IP address enrichment and attribution)
Mandiant threat intelligence feeds
Splunk Core Certified Power User certification (required)
Must possess one of the following certifications:
GIAC Certified Intrusion Analyst (GCIA)
GIAC Certified Incident Handler (GCIH)
GIAC Continuous Monitoring (GMON)
GIAC Defending Advanced Threats (GDAT)
Ability to obtain a Low Risk Public Trust Suitability Determination
Key Deliverables
QA/Security Analysis review of SOC incident reports
Threat Actor (TA) indicator of compromise (IOC) assessments
Web Application Firewall (WAF) rule implementations
Development of operational templates
Advanced SME Incident Response support for Priority 1 events (engagement within 4 hours, 24/7/365)
Comprehensive incident reports including:
Executive summary
Detailed findings
Security impact assessment
Timeline of events
Actions taken
Documentation of all work in Jira aligned with Agile processes
Creation and maintenance of Standard Operating Procedures (SOPs) and security playbooks
Work Environment
This role requires a strong on-site presence (80%: four days a week on site at the Thurgood Marshall Building in Washington, DC, and one day remote) and active participation in a collaborative, Agile-based cybersecurity operations environment.