SOC / Incident Response Lead
$110k - $130k
Development InfoStructure
Company Overview

Development InfoStructure LLC., (Devis) is a leading provider of innovative software development, management, and consulting services, specializing in cutting-edge technologies such as DevSecOps, AI, and Machine Learning. With over 30 years of experience, we have established ourselves as a trusted partner for government agencies, delivering tailored, mission-critical solutions that drive digital transformation and operational excellence. Our client-centric approach, coupled with our deep domain expertise and technical prowess, enables us to forge enduring relationships and consistently deliver high-impact, adaptive solutions that resonate with the unique needs of the public sector.

Job Overview

The SOC / Incident Response Lead serves as the operational leader for 24x7x365 security monitoring and incident response under the Information Security Program Support Services (ISPSS) effort supporting the NIH Office of the Director, Office of Information Technology (OD OIT), responsible for leading Tier 1 detection and triage and Tier 2/3 forensics, threat hunting, and cyber threat intelligence across the NIH/OD-OIT managed environment. This role drives execution across incident detection, triage, investigation of suspected intrusions within 30 minutes, containment and recovery, digital forensics (NIST SP 800-86), malware analysis, and incident reporting in close coordination with NIH/OD OIT leadership and enterprise cybersecurity organizations.

This is a full-time position with work performed primarily offsite, though travel to NIH/OD facilities in the Bethesda, MD area will be required on an as-needed basis. Core hours are Monday-Friday, 7:00 AM - 6:00 PM EST, and after-hours support for emergency incidents will be required as needed by NIH/OD. Position is contingent upon award and client approval.

Primary Duties

Lead 24x7 Security Operations
- Direct real-time, 24x7x365 security log collection, monitoring, alerting, and event analysis across the OIT-managed environment
- Perform incident triage on all incidents to determine scope, urgency, and operational impact
- Investigate suspected intrusions and suspicious activity within 30 minutes of detection
- Ensure accurate, consistent incident categorization and ticketing

Direct Incident Response & Forensics
- Lead detection, triage, analysis, containment, eradication, recovery, and post-incident reporting
- Oversee Tier 2/3 digital forensics, evidence preservation, and chain of custody compliant with NIST SP 800-86
- Conduct malware analysis, reverse engineering, and analysis of suspicious websites, emails, and payloads
- Deliver Security Incident Tickets/Reports within 1 hour of detection and Incident Response After Action Reports

Advance Threat Hunting & Intelligence
- Lead Advanced Persistent Threat (APT) hunting across the managed environment
- Operate an active Cyber Threat Intelligence (CTI) program to collect, correlate, and disseminate relevant intelligence and IOCs
- Support collaboration with OCIO threat intelligence / Fusion Center activities

Strengthen the SOC
- Provide engineering support to the SOC and Incident Response Team and ensure proper configuration of SOC-managed tools and agents
- Lead annual incident response tabletop exercises and implement lessons learned
- Produce the Monthly Forensic Activity Summary and related metrics

Required Qualifications

Education & Experience
- Bachelor’s degree in Computer Science, Cybersecurity, Information Systems, or a related field (or equivalent experience)
- Minimum 7 years in security operations / incident response, including SOC team leadership
- Demonstrated experience with digital forensics, malware analysis, and threat hunting in enterprise environments

Required Certifications
- One or more incident response/forensics certifications: GCIH, GCIA, or GCFA (or comparable)
- CISSP strongly preferred

Technical Skills
- Hands-on expertise with SIEM, EDR, and IDS/IPS platforms and security log analysis
- Forensic tooling and evidence handling consistent with NIST SP 800-86 and Federal Rules of Evidence
- Familiarity with US-CERT incident notification guidelines and federal reporting timelines

Leadership Capabilities
- Calm, decisive leadership during active incidents and crisis coordination
- Strong written reporting and clear escalation communication

Preferred Qualifications
- Experience supporting NIH/HHS or other federal SOC operations
- Cloud monitoring/IR experience (e.g., Azure, AWS)
- Experience standing up or maturing CTI programs

Clearance
- Must be able to obtain and maintain the NIH/OD/OIT required clearance level and complete all suitability/onboarding requirements

Salary Range
$110,000 - $130,000

Devis is an AA/EOE/M/F/Disabled/VET Employer committed to providing equal employment opportunity without regard to an individual’s race, color, religion, age, gender, sexual orientation, veteran status, national origin or disability.

