Senior Cybersecurity Incident Response Specialist jobs in United States

Bering Straits Native Corporation (BSNC) · 1 month ago

Senior Cybersecurity Incident Response Specialist

Bering Professional Services (BSPS), a company within the BSNC family, is currently seeking a Senior Cybersecurity Incident Response Specialist to work with our federal client. The ideal candidate will serve as an incident responder on the federal agency client’s in-house Security Operations Center (SOC) team within the client’s Cybersecurity Division.

Industries: Consulting, Financial Services, Insurance

Responsibilities

Member of the SOC team which provides 24 hours per day, 7 days per week, 365 days per year monitoring and incident response services for the organization’s Network, Systems, Applications, and Web services
Provide senior level cybersecurity incident response expertise in support of the client’s Incident Response processes and procedures
Develop operational baselines, such as data flows and application interactions, to enhance the SOC's ability to respond to incidents
Prepare and manage playbooks and relevant scenarios in addition to narratives and visual diagrams and review continuously, in compliance with NIST SP 800-61 and Government guidance
Follow current guidance from NIST 800-61, Federal Incident Notification Guidelines, CISA’s Incident Response and Vulnerability Playbook, and client guidance
Monitor system status and sensor data from deployed sensors and triage for validity from Security Information and Event Management (SIEM) System, email, texts, phone calls and all enterprise managed dashboards
Analyze all sources including network traffic, identity, fault, performance, and bandwidth information, alerts and data to augment detection of network anomalies and unauthorized activity
Meet regularly with client stakeholders to develop content, analytic rules, alerts, dashboards, automation and identify ways to improve availability and efficiency of client’s incident response program
Categorize, prioritize, and report on cybersecurity events in accordance with (IAW) SOPs and other relevant policy documents
Implement cybersecurity mitigations leveraging client tools and systems
Create and escalate cybersecurity-related investigations to both internal and external entities, such as DHS or other Government agencies, within client-defined and Federally-defined timelines
Manage, coordinate, and respond to FOIA, audits, data calls, e-discovery and information requests
Schedule and execute incident response tabletop exercises with each client FISMA system on an annual basis
Review and handle phishing messages reported by client staff

Qualification

Cybersecurity incident response, SIEM proficiency, Threat actor TTPs, Incident response frameworks, Malware analysis, Detection rules development, Networking technologies, Windows, Linux/Unix, Cloud security certifications, Analytical skills, Research skills, Communication skills, Teamwork, Self-starter

Required

High school diploma or GED (General Educational Development)
Minimum of five years hands-on experience
Proven experience detecting, triaging, and responding to cyber incidents across enterprise networks and cloud environments
Proficiency with SIEM, EDR/XDR platforms, and forensic tools
Strong understanding of threat actor TTPs, MITRE ATT&CK framework, and incident containment strategies
Ability to analyze network traffic, logs, and endpoint telemetry to identify malicious activity
Familiarity with malware analysis, reverse engineering basics, and memory analysis concepts
Experience developing and tuning detection rules, playbooks, and automated response workflows
Working knowledge of incident response frameworks (e.g., NIST SP 800-61, SANS)
Understanding of vulnerability management, threat intelligence integration, and SOC metrics/reporting
Understanding of basic computer and networking technologies
Windows and Linux/Unix operating systems
Networking technologies (routing, switching, VLANs, subnets, firewalls)
Common networking protocols – SSH, SMB, SMTP, FTP/SFTP, HTTP/HTTPS, DNS, etc.
Common enterprise technologies – Active Directory, Group Policy, and the Microsoft Azure suite of cloud services
Understanding of current system logging technology and retrieving information from a plethora of technology platforms
Ability to work well in a team environment
Self-starter with ability to work with little supervision
Willingness to take on and adapt to new, open-ended tasks for which there is no current standard operating procedure
Ability to research independently and self-teach
Strong analytical and decision-making skills under pressure
Excellent written and verbal communication, including incident documentation and executive briefings
Ability to lead investigations, mentor junior analysts, and collaborate with cross-functional teams

Preferred

Bachelor's degree in computer science or equivalent is preferred
Interest in security/hacking culture. Ability to “think like an attacker”
General cybersecurity certifications (one or more of the following preferred):
  CompTIA Security+
  CompTIA Cybersecurity Analyst (CySA+)
  Certified Ethical Hacker (CEH)
  GIAC Certified Incident Handler (GCIH)
Any cloud security certification, especially:
  CompTIA Cloud+
  Certified Cloud Security Professional (CCSP)
  Cloud Security Alliance Certificate of Cloud Security Knowledge (CCSK)
Any Microsoft 365/Azure cybersecurity certification, especially:
  Microsoft Certified: Security Operations Analyst Associate (SC-200)
  Microsoft Certified: Security, Compliance, and Identity Fundamentals (SC-900)
  Microsoft Certified: Azure Fundamentals (AZ-900)
  Microsoft Certified: Azure Security Engineer Associate (AZ-500)
Familiarity with the Microsoft 365 and Microsoft Azure suite of products, including Microsoft Sentinel and Microsoft 365 Defender
Knowledge of common enterprise technologies, policies, and concepts such as:
  Microsoft Sentinel SIEM
  Kusto Query Language (KQL)
  Mobile device technologies (iOS, Android)
  Scripting experience (PowerShell, Python, etc.)
  Microsoft Power BI
  Azure DevOps
Artificial Intelligence (AI) / Machine Learning (ML) expertise:
  In-depth knowledge of AI and ML concepts
  How to practically apply AI/ML technologies to enhance cyber threat hunting and incident response capabilities
  Experience with specific AI services offered within Microsoft Azure

Company

Bering Straits Native Corporation (BSNC)

Bering Straits Native Corporation is an investment management company that offers resource development and business opportunities.

Funding

Current Stage
Late Stage

Leadership Team

Greg Schmidt
Senior COOP Administrator
Malorie Lomer
Sr. Human Resources Business Partner
Company data provided by crunchbase