Incident Responder, Senior

We are seeking a highly skilled and innovative Incident Responder to join our team in the greater DMV area, supporting the Army National Guard. Responsibilities Lead detection, containment, eradication, and recovery activities for cybersecurity incidents across enterprise and mission systems. Conduct root‑cause analysis, threat actor attribution, and technical investigations to determine scope, impact, and remediation requirements. Coordinate cross‑functional response efforts with SOC, CIRT, network, engineering, legal, and leadership stakeholders to execute containment and recovery actions. Preserve and document evidentiary artifacts, maintain chain‑of‑custody, and ensure forensic integrity for investigations and potential legal/counterintelligence use. Develop and execute remediation validation plans, confirm eradication, and oversee system recovery and hardening activities. Produce executive briefings, incident timelines, after‑action reports, and recommended long‑term remediation strategies to inform risk management and defensive improvements. Drive improvements to incident response playbooks, detection content, and response workflows based on lessons learned and threat trends. Mentor response teams, lead exercises/tabletops, and maintain readiness metrics and response KPIs. #ENOCS Qualifications Qualifications 5 years with BS/BA; 3 years with MS/MA; 0 years with PhD Clearance: Active TS/SCI clearance. Candidate must meet ONE of the following: Master’s degree or Ph.D. in Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology, Software Engineering, or a related field; OR Relevant DoD/military training (examples: 4‑11‑C32‑255S (CP); 4C‑255N (CP); 4C‑255A (CP)); OR Relevant professional certification or equivalent experience (examples: CFR, CySA+, GCFA, GCIA, GICSP). Required experience and skills: Incident response, digital forensics, or advanced cyber operations experience with senior incident response roles. Demonstrated expertise in forensic collection/analysis, memory/disk forensics, packet analysis, EDR/XDR, and incident attribution techniques. Proven ability to coordinate enterprise responses, produce decision‑grade incident reports/AARs, and brief senior leadership. Strong knowledge of RMF/ATO evidence requirements, chain‑of‑custody, legal/privilege considerations, and DoD incident reporting channels. Experience developing remediation roadmaps, validating fixes, and driving cross‑organizational corrective actions. Desired: Prior DoD/Army/ARNG CIRT leadership or senior incident commander experience. Experience integrating threat intelligence and hunt team outputs into incident investigations and detection engineering. Certifications such as CFR, GCFA, or other advanced forensic/incident response credentials. #ENOCS Peraton Overview Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we’re keeping people around the world safe and secure.