Senior Cybersecurity Incident Response Administrator - Senior w/Secret Clearance

About The Position

Requirements

• Ten (10) or more years of experience in Cybersecurity, Incident Response, or closely related technical areas.
• Extensive knowledge with Army enterprise cybersecurity tools, SIEM platforms, and monitoring systems.
• High proficiency in building and managing SIEM dashboards, ingesting relevant data, and generating alerts.
• Demonstrated expertise in investigating and responding to cybersecurity events and anomalies.
• Proven experience developing audit-ready reports to meet regulatory and security requirements.
• Strong working knowledge of PKI infrastructure, digital certificates, and encryption protocols.
• Familiarity with reviewing and responding to Army Cyber Tasking Orders (CTOs) and collaborating with Cybersecurity Service Providers (CSSPs).
• Experience with DoD/Army cybersecurity compliance standards and the Risk Management Framework (RMF).
• Hands-on involvement in application security, SW assurance, and secure system design evaluations
• Experience with incident response coordination, evidence handling, and containment procedures.
• Understanding Engineering Change Proposals (ECPs) and Configuration Management (CM)
• Knowledge of Continuity of Operations Plans (COOP) and associated communication protocols.
• Strong analytical, communication, and cross-team collaboration skills
• Must hold a current Cybersecurity Certification such as: CISSP (Certified Information Systems Security Professional). ISSEP (Information Systems Security Engineering Professional). CompTIA Security+. CEH (Certified Ethical Hacker).
• Secret – IT-II Non-Critical Sensitive Clearance or Tier 3 (T3) investigation.

Nice To Haves

• Bachelor’s degree in computer science, Information Security, or a related technical field—or equivalent years of experience.

Responsibilities

• Manage, configure, and maintain Security Information and Event Management (SIEM) systems to meet DoD and Army cybersecurity requirements.
• Deploy, install, and maintain infrastructure components that support SIEM functionality and event log ingestion.
• Create and manage SIEM dashboards that provide clear, actionable visualizations for detecting security anomalies in near real-time.
• Monitor SIEM dashboards to detect threats and abnormal behavior; investigate events and escalate incidents as necessary.
• Develop custom reports and queries to support audit requirements and validate security controls.
• Provide Public Key Infrastructure (PKI) support, including management of SSL/TLS certificates and related cryptographic services.
• Monitor and enforce DoD and Army web application security standards and best practices.
• Review and respond to Army Cyber Tasking Orders (CTOs) and coordinate actions with Army Cyber Security Service Providers (CSSPs).
• Participate in Software Assurance (SwA) reviews to validate audit logs and application security events.
• Evaluate Information Systems Design Plans, architecture diagrams, and configuration documentation for compliance with applicable cybersecurity policies, regulations, and best practices.
• Support incident response workflows and collaborate with other cybersecurity stakeholders to ensure rapid containment and recovery.

Benefits

• We offer our full-time employees a competitive benefits package to include health, dental, vision, 401K, life insurance, short-term and long-term disability plans, vacation time and holidays.