Cyber Incident Response Team (CIRT) Lead
About The Position
This position is contingent upon contract award SOSi is seeking highly qualified senior professionals to support a DHS enterprise cybersecurity program providing 24/7 Security Operations Center (SOC) services. These roles deliver leadership, operational oversight, and technical expertise across cyber defense, incident response, intelligence, engineering, and modernization activities. Job Description Leads the end-to-end incident response function for the DHS enterprise SOC, coordinating triage, containment, eradication, and recovery; drives tool efficacy (SIEM/EDR/IDS/IPS), case management, and communications with stakeholders.
Requirements
- Education : Bachelor’s degree OR 8 years of directly relevant experience in lieu of a degree.
- Experience : 5+ years across cyber/IR/security engineering/network engineering/architecture (8+ preferred for lead roles).
- Certifications (Required): CISSP and at least one of GCIA, GCIH, GCFA, GCED; or DoD 8570 IAT Level III equivalent.
- Technical Proficiency : SIEM, EDR, IPS/IDS, and case management platforms.
- Clearance : TS, SCI-eligible.
Responsibilities
- Lead incident detection, analysis, escalation, and coordinated response across SOC towers.
- Standardize IR runbooks, playbooks, and communications; ensure evidence handling and documentation.
- Measure and improve MTTA/MTTR; track lessons learned and corrective actions.
- Ensure IR alignment to DHS/CBP policy and reporting requirements.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
