
SOC / Incident Response Lead

$110k - $130k
Full-time

Development InfoStructure

Company Overview

Development InfoStructure LLC., (Devis) is a leading provider of innovative software development, management, and consulting services, specializing in cutting-edge technologies such as DevSecOps, AI, and Machine Learning. With over 30 years of experience, we have established ourselves as a trusted partner for government agencies, delivering tailored, mission-critical solutions that drive digital transformation and operational excellence. Our client-centric approach, coupled with our deep domain expertise and technical prowess, enables us to forge enduring relationships and consistently deliver high-impact, adaptive solutions that resonate with the unique needs of the public sector.

Job Overview

The SOC / Incident Response Lead serves as the operational leader for 24x7x365 security monitoring and incident response under the Information Security Program Support Services (ISPSS) effort supporting the NIH Office of the Director, Office of Information Technology (OD OIT), responsible for leading Tier 1 detection and triage and Tier 2/3 forensics, threat hunting, and cyber threat intelligence across the NIH/OD-OIT managed environment. This role drives execution across incident detection, triage, investigation of suspected intrusions within 30 minutes, containment and recovery, digital forensics (NIST SP 800-86), malware analysis, and incident reporting in close coordination with NIH/OD OIT leadership and enterprise cybersecurity organizations.

This is a full-time position with work performed primarily offsite, though travel to NIH/OD facilities in the Bethesda, MD area will be required on an as-needed basis. Core hours are Monday-Friday, 7:00 AM - 6:00 PM EST, and after-hours support for emergency incidents will be required as needed by NIH/OD. Position is contingent upon award and client approval.

Primary Duties

Lead 24x7 Security Operations
  • Direct real-time, 24x7x365 security log collection, monitoring, alerting, and event analysis across the OIT-managed environment
  • Perform incident triage on all incidents to determine scope, urgency, and operational impact
  • Investigate suspected intrusions and suspicious activity within 30 minutes of detection
  • Ensure accurate, consistent incident categorization and ticketing

Direct Incident Response & Forensics
  • Lead detection, triage, analysis, containment, eradication, recovery, and post-incident reporting
  • Oversee Tier 2/3 digital forensics, evidence preservation, and chain of custody compliant with NIST SP 800-86
  • Conduct malware analysis, reverse engineering, and analysis of suspicious websites, emails, and payloads
  • Deliver Security Incident Tickets/Reports within 1 hour of detection and Incident Response After Action Reports

Advance Threat Hunting & Intelligence
  • Lead Advanced Persistent Threat (APT) hunting across the managed environment
  • Operate an active Cyber Threat Intelligence (CTI) program to collect, correlate, and disseminate relevant intelligence and IOCs
  • Support collaboration with OCIO threat intelligence / Fusion Center activities

Strengthen the SOC
  • Provide engineering support to the SOC and Incident Response Team and ensure proper configuration of SOC-managed tools and agents
  • Lead annual incident response tabletop exercises and implement lessons learned
  • Produce the Monthly Forensic Activity Summary and related metrics

Required Qualifications

Education & Experience
  • Bachelor’s degree in Computer Science, Cybersecurity, Information Systems, or a related field (or equivalent experience)
  • Minimum 7 years in security operations / incident response, including SOC team leadership
  • Demonstrated experience with digital forensics, malware analysis, and threat hunting in enterprise environments

Required Certifications
  • One or more incident response/forensics certifications: GCIH, GCIA, or GCFA (or comparable)
  • CISSP strongly preferred

Technical Skills
  • Hands-on expertise with SIEM, EDR, and IDS/IPS platforms and security log analysis
  • Forensic tooling and evidence handling consistent with NIST SP 800-86 and Federal Rules of Evidence
  • Familiarity with US-CERT incident notification guidelines and federal reporting timelines

Leadership Capabilities
  • Calm, decisive leadership during active incidents and crisis coordination
  • Strong written reporting and clear escalation communication

Preferred Qualifications
  • Experience supporting NIH/HHS or other federal SOC operations
  • Cloud monitoring/IR experience (e.g., Azure, AWS)
  • Experience standing up or maturing CTI programs

Clearance
  • Must be able to obtain and maintain the NIH/OD/OIT required clearance level and complete all suitability/onboarding requirements

Salary Range

$110,000 - $130,000

Devis is an AA/EOE/M/F/Disabled/VET Employer committed to providing equal employment opportunity without regard to an individual’s race, color, religion, age, gender, sexual orientation, veteran status, national origin or disability.

Vacancy posted 8 hours ago