Cyber Defense Incident Responder (Tier 2)

Resource Management Concepts, Inc.•Quantico, VA

6d•$120,000 - $130,000•Onsite

About The Position

Resource Management Concepts, Inc. (RMC) is seeking a Cyber Defense Incident Responder (Tier 2) to provide 24/7/365 cybersecurity monitoring and detection for a government enterprise network. This role involves conducting in-depth cyber investigations and responding to incidents across the network, utilizing advanced tools, and collaborating with global stakeholders to ensure network security and operational integrity. This is a fast-paced, high-impact position in a mission-critical environment.

Requirements

Must obtain and maintain an active Top Secret security clearance with SCI eligibility.
Can begin this position with verification of adjudicated Secret clearance eligibility.
DODD 8570 IAT Level II Certification
DODD 8570 CSSP Incident Responder Certification
At least 2+ years in cybersecurity, with hands-on experience in incident response or related roles.
Familiarity with tools such as Tanium, Elastic/Kibana, and Microsoft Defender for Endpoint.
Strong understanding of the DoD environment and cybersecurity frameworks.
Expertise in forensic analysis, threat hunting, and vulnerability assessment.
Excellent problem-solving abilities and attention to detail.
Strong communication skills for interacting with technical teams, leadership, and external stakeholders.

Responsibilities

Perform in-depth analysis of network and host artifacts (e.g., logs, system images, packet captures) to identify root causes, operational impacts, and enable rapid remediation of threats.
Assess the scope, urgency, and potential impact of incidents, identify vulnerabilities, and recommend effective mitigation strategies.
Manage incidents from detection to resolution, documenting actions and outcomes in compliance with DoD Cyber Incident Handling Program (CJCSM 6510.01B).
Conduct real-time forensic collections, intrusion correlation, threat analysis, and direct system remediation tasks.
Work closely with subordinate organizations, law enforcement, and counterintelligence teams on high-profile incidents and insider threat investigations.
Update incident response tactics, techniques, and procedures annually, and deliver quarterly training sessions to enhance team readiness.
Collaborate with Red Teams to validate and enhance incident response capabilities through realistic penetration testing exercises.
Maintain high standards in incident response, ensuring consistent quality and efficiency as assessed by government-defined metrics.