Incident Response Expert III

Incident Response Expert III (Cyber Eviction Analysts) Location: Washington DC Metro Area (On-Site) Citizenship: US only Clearance: Active TS/SCI (DHS EOD Suitability required) Company: Argo Cyber Systems, LLC – Service-Disabled Veteran-Owned Small Business (SDVOSB) About Argo Cyber Systems Argo Cyber Systems provides mission-critical cybersecurity support to U.S. Government agencies and critical infrastructure owners nationwide. Our teams deliver rapid incident response, advanced forensics, and coordinated recovery operations to protect vital systems from evolving cyber threats. We combine technical precision with operational agility—helping federal partners identify, contain, and recover from complex cyber incidents with speed and confidence. Position Overview The DHS’s Hunt and Incident Response Team (HIRT) secures the nation’s infrastructure. HIRT provides DHS’s front-line response for cyber incidents and proactive hunting for malicious cyber activity. Argo Cyber Systems provides support for on and offsite incident response to Government agencies and critical infrastructure owners who experience cyber-attacks. Argo Cyber provides HIRT advanced technical assistance, proactive hunting, rapid onsite incident response, and immediate investigation, using host and network-based cybersecurity analysis capabilities. Personnel perform investigations to characterize the level of severity of breaches and develop mitigation/remediation plans. Argo Cyber is seeking Cyber Eviction Analysts to support this critical customer mission. Responsibilities Serves as hunt and incident response subject matter expert (SME), applying in-depth knowledge on threat actor (TA) tools, techniques, and procedures (TTPs) Distills analytic findings into executive summaries and in-depth technical reports Provide expert support, analysis, and research with only broad direction into exceptionally complex problems and processes relating to the subject matter as it relates to hunt and incident response activities Serves as technical expert on high-level incident response teams providing technical direction, interpretation, and alternatives Exercises considerable latitude in determining technical objectives of an assignment or task at hand Independently develops technical solutions to complex problems that require the regular use of ingenuity and creativity Analyzes incident data and victim environments to recommend targeted mitigations Advise technical personnel on countermeasure implementation and customization Supports internal stakeholders on containment and eradication missions Documents analysis in a standardized knowledgebase for sharing and publication Assists in maintaining branch process and procedure documentation Guides the completion of hunt and incident response activities Required Skills U.S. Citizenship Must have an active TS/SCI clearance Must be able to obtain DHS Suitability 8+ years of directly relevant experience in the area of expertise Must be able to travel domestically on short notice Strong understanding of network architecture/security Experience performing cyber incident response Ability to think independently Demonstrates superior written and oral communication skills Must be able to work collaboratively across physical locations Skilled in identifying different classes of attacks and attack stages Understanding of system and application security threats and vulnerabilities Understanding of proactive analysis of systems and networks, to include creating trust levels of critical resources Proficiency with common operating systems (e.g., Linux/Unix, Windows) Desired Skills Experience leading and mentoring technical teams Knowledge of Computer Network Defense policies, procedures and regulations Knowledge of different operational threat environments (e.g., first generation [script kiddies], second generation [non nation-state sponsored], and third generation [nation-state sponsored]) Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, PL/SQL and injections, race conditions, covert channel, replay, return-oriented attacks, and malicious code) Network and System administration experience Strong understanding of adversarial tactics/techniques/procedures (TTPs) Experience with Identity and Access Management (IAM) tools Ability to review and analyze Enterprise Architecture (EA) from a security perspective Understanding of cyber defense-in-depth principles Hands‑on skill in host/network intrusion detection Ability to perform event correlation Experience with malicious activity analysis Ability to collaborate with stakeholders at multiple levels within an organization Required Education BS Computer Science, Cyber Security, Computer Engineering, or related degree; or HS Diploma & 10+ years of technical experience in the area of expertise. Desired Certifications DoD 8140.01 IAT Level II, IASAE II, CSSP Analyst DoD 8140.01 GCIA, GCIH, CSSP Analyst/CSSP Incident Responder DoD 8140.01 CEH, CSSP Analyst SANS GIAC GNFA preferred SANS GRID, GICSP, or GCIP a plus Why Join Argo As part of Argo Cyber Systems, you will serve at the forefront of national cyber defense—protecting civilian agencies and high-value assets from persistent and emerging threats. You'll join a veteran-founded, mission-driven team dedicated to operational excellence, collaboration, and innovation in the cyber domain. Background & Drug Screening Disclaimer Argo Cyber Systems, LLC is committed to maintaining a safe, secure, and trusted workplace for all employees and our federal clients. Employment with Argo Cyber Systems is contingent upon successful completion of all required background investigations and pre‑employment screenings, which may include, but are not limited to: Criminal background checks (federal, state, and local) Employment and education verification Reference checks Drug screening (in compliance with federal and state law) Security clearance verification (as applicable for classified positions) Candidates selected for employment in positions requiring access to sensitive or classified information may also be subject to additional U.S. Government background investigations and security adjudication processes, including DHS Entry on Duty (EOD) suitability or equivalent federal clearance requirements. Argo Cyber Systems reserves the right to disqualify or rescind an offer of employment based on the results of any background or screening process that, in the company's judgment, may impact an individual's ability to perform essential job functions or meet contractual obligations. All background investigations and screenings are conducted in accordance with applicable federal, state, and local laws, including the Fair Credit Reporting Act (FCRA). Candidates will be notified of their rights and provided an opportunity to review and dispute any adverse findings before final employment determinations are made. Salary: $100,000 - $125,000 per year #J-18808-Ljbffr ARGO Cyber Systems