Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Lead Incident Responder

Evolver Federal

Lead Incident Responder

Evolver Federal is seeking a Lead Incident Responder to fulfill a requirement for a potential government client. The Lead Incident Responder serves as the central point of accountability for day-to-day incident response operations, providing leadership and direction in high-pressure environments. This role emphasizes measurable outcomes such as MTTR reduction and compliance audit success while ensuring rapid detection, containment, eradication, and recovery from security incidents. The Lead Incident Responder will maintain compliance with federal cybersecurity frameworks (NIST 800-series, RMF, TIC 3.0), lead investigations into complex threats, and deliver compliance reporting to federal stakeholders. Responsibilities include coordinating with SOC teams, ISSOs, and AOs, integrating threat intelligence and forensic analysis into response processes, and driving continuous improvement to strengthen organizational resilience against evolving cyber threats. This position requires deep technical expertise, strong leadership skills, and the ability to align incident response operations with performance-based federal requirements.

Responsibilities:

  • Lead end-to-end incident response activities, including detection, triage, containment, eradication, and recovery.
  • Direct investigations of advanced threats, including APTs, ransomware, and insider threats.
  • Lead tabletop exercises and incident simulations for federal agencies.
  • Coordinate with SOC analysts, engineering teams, and federal stakeholders during major incidents.
  • Develop and maintain incident response playbooks, escalation procedures, and forensic methodologies.
  • Ensure alignment with Zero Trust Architecture principles.
  • Perform root cause analysis and recommend corrective actions to prevent recurrence.
  • Integrate threat intelligence into incident response workflows to enhance detection and mitigation.
  • Oversee digital forensics and evidence handling for legal and compliance requirements.
  • Prepare and deliver executive-level incident reports and post-incident reviews.
  • Support continuous improvement initiatives, including automation of incident response processes.
  • Ensure compliance with federal cybersecurity frameworks (NIST 800-series, RMF, FISMA) and organizational policies.

Basic Qualifications:

  • Bachelor's Degree in Computer Science, Information Management (IM), Information Technology, Engineering, or equivalent with 6 years of technical experience and 4 years' experience in IT Solutions at senior management
  • Certified Information Systems Security Professional (CISSP)
  • Certified Incident Handler, Certified Intrusion Analyst, Certified Ethical Hacker, or similar certifications
  • Project Management Institute (PMI) Project Management Professional (PMP) (Highly Recommended)
  • Information Technology Infrastructure Library (ITIL) 4 Foundation
  • 10 years of successful enterprise experience in an IT or technology-related field, with the last 5 years, on large government technical BPAs/contracts
  • US Citizen with the ability to pass a comprehensive government background check

Preferred Qualifications:

  • Experience managing or supporting cybersecurity operations, including SOC functions, in a federal or highly regulated environment
  • Experience leading cybersecurity programs within federal civilian agencies
  • Master's degree in a technical or management-related field
  • CISM or GIAC certifications (e.g., GCFA, GCIH)
  • Experience with FedRAMP and CISA directives for federal compliance
  • Experience with performance-based contracts and cross-functional team leadership
  • Strong communication skills, including experience delivering executive briefings and incident communications
  • Hands-on experience with SIEM (Splunk, Elastic), SOAR (Cortex XSOAR), and EDR platforms (CrowdStrike, Microsoft Defender).
  • Expertise in malware analysis, reverse engineering, and memory forensics.
  • Familiarity with cloud incident response and hybrid environments (AWS, Azure).
  • Experience leading large-scale incident response efforts in federal or critical infrastructure environments.
  • Experience with federal procurement processes and contract deliverables
  • Hands-on experience with Fed IT programs' SELC/SDLC
  • Knowledge of threat hunting methodologies and proactive detection strategies.
  • Ability to mentor junior responders and build a high-performing incident response team.
  • Understanding of advanced attack techniques, including lateral movement and privilege escalation.
  • Experience with automation tools for incident response and threat containment.

Evolver Federal is an equal opportunity employer and welcomes all job seekers. It is the policy of Evolver Federal not to discriminate based on race, color, ancestry, religion, gender, age, national origin, gender identity or expression, sexual orientation, genetic factors, pregnancy, physical or mental disability, military/veteran status, or any other factor protected by law.

Actual salary will depend on factors such as skills, qualifications, experience, market and work location. Evolver Federal offers competitive benefits, including health, dental and vision insurance, 401(k), flexible spending account, and paid leave (including PTO and parental leave) in accordance with our applicable plans and policies.

Vacancy posted 3 days ago
Similar jobs that could be interesting for youBased on the Lead Incident Responder in Washington DC vacancy
  • $86.6k - $181.8k

    CACI International Inc is actively seeking an experienced Incident Responder to support a DoD client in Suitland, MD. This critical role involves managing the entire incident lifecycle from detection to recovery, ensuring the integrity and security of data while collaborating... 
    Suggested

    CACI International

    Suitland, MD
    3 days ago
  • S2i2, Inc. is seeking a Cyber Defense Incident Responder (Advanced) to lead teams in technical threat detection and incident response operations. This role involves leading efforts in threat intelligence, mentoring junior analysts, and ensuring high standards in complex... 
    Suggested

    S2i2, Inc

    Arlington, VA
    13 days ago
  • $175k - $180k

     ...Job Description Job Description Job Title Lead Cyber Defense Incident Responder Clearance TS/SCI (active, required) Location Arlington, VA On-site Salary Range $175,000 to $180,000 Certification Required DoD 8570 / DoD 8140 IAT Level II One... 
    Suggested
    Weekend work

    S2i2 Inc

    Arlington, VA
    4 days ago
  •  ...problem-solving people-person, apply today! Location: Washington, DC Position Overview: We are seeking a highly skilled Lead Incident Responder to manage and maintain critical security documentation and ensure compliance with government standards for various systems.... 
    Suggested
    Contract work
    For contractors
    Work at office
    Local area

    DirectViz Solutions, LLC

    Washington DC
    25 days ago
  •  ...role available within our Cyber Security division for an Incident Response Engagement Lead in the United States. S-RM is a global intelligence and cybersecurity...  ...building a team to meet this challenge. We’re quick to respond, innovate, and improve. We don’t get too hung up on... 
    Suggested
    Immediate start
    Flexible hours

    S-RM Intelligence and Risk Consulting

    Washington DC
    3 days ago
  •  ...EmergencyMD is seeking a Lead Incident Responder for a potential government client. This role will involve leading incident response operations, managing complex threats, and ensuring compliance with federal cybersecurity frameworks. The candidate must have a Bachelor’... 

    EmergencyMD

    Washington DC
    4 days ago
  • Kapili Services, LLC is seeking an Incident Responder/Incident Response Coordinator to offer support for government clients in Arlington, VA. The ideal candidate will have a four year degree in information technology and a minimum of eight years of relevant experience... 

    Kapili Services, LLC

    Arlington, VA
    2 days ago
  • $138k - $209k

     ...projects that matter, alongside industry‑leading experts, in an environment that fosters...  ...support the unique needs of our client as an Incident Management Lead. Project Summary The...  ...teams in identifying, analyzing, and responding to cybersecurity threats. This role will... 
    Contract work
    Temporary work

    AIS (Applied Information Sciences)

    Alexandria, VA
    3 days ago
  • Full-Time/Part-Time Full-Time Description RiVidium is seeking an Incident Response Lead to support our planned MODES III team supporting Military Community and Family Policy (MC&FP). This role supports IT, Cybersecurity, and Data Operations - Core Operations and helps... 
    Full time
    Contract work
    Part time
    Shift work
    Night shift

    Rividium Inc

    Alexandria, VA
    2 days ago
  •  ...A leading consulting firm is seeking a Security Operations Lead to oversee SOC functions and manage a team of Analysts and Engineers...  ...+ years of cybersecurity experience with specific expertise in incident response, threat hunting, and SIEM technologies like Splunk and... 

    Accenture

    Washington DC
    3 days ago
  •  ...Incident Response Lead ShorePoint is a fast-growing, industry recognized and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data... 
    Contract work

    Navstar

    Washington DC
    1 day ago
  • $70k - $85k

    St Johns Community Services in Washington, DC is looking for a qualified individual to lead incident management coordination and staff training. This role requires knowledge of community services policies and effective communication with diverse backgrounds. The successful... 

    St Johns Community Services

    Washington DC
    4 days ago
  • $116.9k - $243.1k

    A leading technology firm is seeking a CIRT Lead in Arlington, Virginia. This role involves managing 24x7 cyber incident response and overseeing the entire investigation lifecycle, while enhancing the client’s security posture. Candidates should have over 5 years in cybersecurity... 

    Accenture

    Arlington, VA
    3 days ago
  • $207k - $301k

    Google is seeking a Security Engineer in Washington D.C. You will be responsible for managing incident response operations and forensics while collaborating with software engineers to fix vulnerabilities. You should have a Bachelor's degree and substantial experience in... 

    Google

    Washington DC
    2 days ago
  • $100.45k - $157.85k

    Dormont Manufacturing Co is seeking a GSOC Team Lead in Bethesda, Maryland. This role involves overseeing daily operations, managing incident response and coordinating training for GSOC operators. Candidates should have 1-2 years of relevant experience and a degree in Cybersecurity... 

    Dormont Manufacturing Company

    Bethesda, MD
    4 days ago
  • byebyeoffice is seeking a Cybersecurity Engineer / Team Lead in Arlington (REMOTE). In this role, you will provide technical leadership...  ...experience in NIST RMF compliance, team leadership, and incident response planning, ensuring a robust cybersecurity posture across... 
    Remote job

    byebyeoffice

    Arlington, VA
    6 days ago
  • $116.9k - $243.1k

     ...positive, lasting change that moves missions and the government forward! Overview We are hiring a CIRT Lead to manage 24x7x365 front‑line defense against cyber incidents. You will oversee the full lifecycle of cybersecurity investigations, from detection to resolution,... 
    Live in
    Work at office
    Local area

    Accenture

    Arlington, VA
    3 days ago
  • Powder River Industries is seeking a mission-driven NOC Lead in Washington, DC, to ensure the operational integrity of IT services. This role involves overseeing performance, managing incidents, and leading a team for continuous improvement. The ideal candidate has expertise... 
    For contractors
    Night shift

    Powder River Industries LLC

    Washington DC
    3 days ago
  • A dynamic Woman Owned Small Business is seeking a Senior Incident Response Coordinator for their Program Management and Cyber Support Services project in Arlington, Virginia. The role entails coordinating cyber incident responses, managing stakeholder communications, and... 

    Zantech

    Arlington, VA
    4 days ago
  • GOEBEL FIXTURE COMPANY is seeking a Senior Security Operations Analyst in Washington, DC to safeguard digital assets and respond to security incidents. This role involves monitoring systems for threats, developing incident handling procedures, and ensuring compliance... 

    GOEBEL FIXTURE COMPANY

    Washington DC
    7 days ago
  •  ...seeking a Cyber Eviction Analyst to support critical customer missions. This role requires serving as a subject matter expert in incident response and analyzing cybersecurity incidents. The ideal candidate has a Bachelor’s degree and 8+ years of relevant experience, along... 

    Insight Global

    Arlington, VA
    5 days ago
  •  ...Investigation and Forensic Response practice in Arlington, Virginia. This role involves conducting complex forensic analyses, leading incident response efforts, and mentoring junior investigators. The ideal candidate has a minimum of 4 years of experience in Digital Forensics... 

    Accenture

    Arlington, VA
    4 days ago
  • Nightwing is seeking an Enterprise Architect and Project Lead to support critical cyber-incident response missions for U.S. Government clients. This role involves leading technology insertion teams, developing workflows, and delivering strategic planning documentation.... 

    Nightwing

    Arlington, VA
    6 days ago
  • $110k - $130k

     ...Company Overview Development InfoStructure LLC., (Devis) is a leading provider of innovative software development, management, and...  ...unique needs of the public sector. Job Overview The SOC / Incident Response Lead serves as the operational leader for 24x7x365 security... 
    Full time
    Work at office
    Monday to Friday

    Development InfoStructure

    Bethesda, MD
    4 days ago
  • $195k - $205k

     ...complex IT operations, ensuring compliance with DoD standards, and leading a team in providing technical support. Key responsibilities...  ...preparing Monthly IPRs, ensuring COOP compliance, and managing incidents efficiently. The ideal candidate will have a Bachelor’s degree... 

    Akima

    Alexandria, VA
    4 days ago
  • A federal program contractor is seeking a Host Forensics Analyst to provide advanced technical support for cybersecurity incidents. This position requires US citizenship, TS/SCI clearance, and strong skills in cyber forensics and incident response. The candidate will oversee... 
    For contractors

    NewGen Technologies

    Arlington, VA
    5 days ago
  •  ...The Advanced Problem Resolution (APR) Lead is responsible for overall project management...  ...personnel covered under the contract. Respond to administrative and technical requests...  ...documentation, and trend analysis for recurring incidents. Support migration initiatives and... 
    Full time
    Contract work
    Work at office

    Leader Communications

    Alexandria, VA
    3 days ago
  • $80k - $85k

     ...Production Support Engineer based in the United States who can work remotely. The role involves monitoring applications and resolving incidents in production environments, requiring 8-10 years of experience in production support. Key responsibilities include managing... 
    Remote job

    Cognizant

    Washington DC
    3 days ago
  •  ...Service Desk Incident Manager Clearance Required : Secret Clearance Locations: Adelphi (Onsite) Position Overview The Service Desk Incident...  ...to Tier 2 or supervisory staff. Collaborate with Service Desk Leads and IT teams to prioritize and coordinate resolution efforts.... 

    HRB

    Hyattsville, MD
    1 day ago
  •  ...changes made to the database objects. Monitor Database alerts and respond to issues and errors. Assess, develop, and improve database...  ...from the DBA perspective. Assisting to resolve day to day incidents with our assets. About The Team This is an amazing... 
    Permanent employment
    Full time
    Work at office
    2 days per week
    3 days per week

    Clarivate

    Alexandria, VA
    13 hours ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Lead Incident Responder. Be the first to apply!