About The Position

Argo Cyber Systems delivers mission-critical cybersecurity and incident response services to U.S. Government agencies and critical infrastructure sectors. Our teams provide rapid onsite and remote technical support to organizations affected by cyberattacks, conducting advanced investigations, developing mitigation strategies, and restoring operational integrity. At Argo Cyber, we don't just respond to incidents - we strengthen the nation's resilience against them. Our analysts work side by side with DHS and civilian agency partners to safeguard essential systems and data from persistent and emerging threats.

Argo Cyber Systems is seeking an experienced Cyber Incident Manager to lead and coordinate incident response operations for a high-profile U.S. Government customer. The Incident Manager will oversee the triage, analysis, and resolution of cybersecurity events across federal civilian networks and critical assets. This role requires a mix of technical depth, investigative skill, and the ability to synthesize complex data into actionable recommendations for both technical and executive audiences.

Requirements

  • U.S. Citizenship (required)
  • Active TS/SCI clearance (required)
  • Ability to obtain DHS Entry on Duty (EOD) Suitability
  • 5+ years of hands-on experience in cyber incident management or SOC/DFIR operations
  • Deep understanding of incident response methodologies, containment strategies, and recovery workflows
  • Working knowledge of NIST SP 800-61 Rev.2 (Computer Security Incident Handling Guide) and FISMA incident reporting standards
  • Strong ability to analyze, prioritize, and document incidents, including phishing, lateral movement, and privilege escalation cases
  • Comprehensive understanding of cyberattack lifecycle stages and adversary tactics, techniques, and procedures (TTPs)
  • Proficiency in identifying vulnerabilities, threat vectors, and exploitation patterns
  • Knowledge of operating system hardening, network defense, and system administration fundamentals
  • Familiarity with nation-state, criminal, and opportunistic threat actor profiles and their operational tradecraft
  • Excellent communication, coordination, and leadership skills in high-pressure, mission-driven environments

Nice To Haves

  • Proficiency with enterprise SIEM, EDR, and incident management platforms (e.g., Splunk, SentinelOne, CrowdStrike, ServiceNow)
  • Experience leading shift-based operations or 24x7 response teams
  • Deep knowledge of malware, intrusion detection, and threat hunting techniques
  • Familiarity with log analysis, packet capture, and intrusion detection systems (IDS/IPS)
  • Strong understanding of MITRE ATT&CK framework and cyber kill chain methodology

Responsibilities

  • Lead and manage incident response and cyber defense operations, ensuring timely containment, eradication, and recovery.
  • Correlate and analyze incident data to identify trends, adversary tactics, and systemic vulnerabilities.
  • Conduct Computer Network Defense (CND) triage, assessing scope, urgency, and operational impact of security events.
  • Develop and recommend Defense-in-Depth strategies, layered defense architectures, and resilience improvements.
  • Research and document resolutions and mitigations to support enterprise recovery and strengthen future defenses.
  • Apply cybersecurity and threat intelligence concepts to detect, analyze, and respond to intrusions in both small and large-scale network environments.
  • Monitor and assess external threat data sources to maintain situational awareness and anticipate potential impacts to the enterprise.
  • Lead the investigation of incident root causes, infection vectors, and attacker methodologies.
  • Receive, analyze, and validate security alerts from enterprise monitoring tools, escalating as appropriate.
  • Track and document all incident response activities from detection through closure, ensuring comprehensive reporting and lessons learned.
  • Support continuous improvement by refining processes, updating playbooks, and mentoring junior analysts.