Federal Incident Response Lead (Principal Information Security Engineer) jobs in United States
cer-icon
Apply on Employer Site
company-logo

Zscaler · 1 day ago

Federal Incident Response Lead (Principal Information Security Engineer)

positionMcLean, Virginia, USA
timeFull-time
remoteOnsite
seniorityLead/Staff
money$161K/yr - $230K/yr
date8+ years exp

Zscaler accelerates digital transformation, providing a cloud native Zero Trust Exchange platform to protect customers from cyberattacks. The Federal Incident Response Lead will establish and lead incident response operations within a dedicated DoD/DoW IL6 cloud environment, ensuring alignment with federal security practices and driving proactive threat hunting.

Cloud SecurityCyber SecurityEnterprise SoftwareSecurity
badNo H1BnoteSecurity Clearance RequirednoteU.S. Citizen Onlynote

Responsibilities

Establish and mature an Incident Response (IR) program within a new, dedicated, classified DoD environment (primarily DoD IL6 with FedRAMP and DoD IL5 support)
Lead end-to-end incident response, including triage, containment, eradication, recovery, and post-incident lessons learned with rigorous documentation
Stand up and lead a formal threat hunting capability to proactively investigate and mitigate potential security threats in an IL6 environments
Partner with security platform engineering to operationalize and tune SIEM/SOAR (Splunk Enterprise Security) content and playbooks, define detection requirements and coverage gaps, and ensure alerts are actionable for rapid response
Collaborate with cross-functional teams to develop and refine IR playbooks, procedures, and automation aligned with DoD CC SRG and FedRAMP

Qualification

Incident Response LeadershipThreat HuntingSIEM/SOAR OperationalizationFedRAMP ComplianceNIST 800-53DoD CC SRGCloud SecurityCollaborationProblem SolvingAdaptabilityIntegrity

Required

US Citizenship and an active U.S. Secret Security Clearance (Top Secret preferred), with a willingness to participate in an on-call rotation (nights and weekends)
8+ years leading incident response and DFIR in DoD/classified environments, with proven incident command experience in 24/7 operations
Experience establishing IR programs and formal threat hunting functions in cloud-centric federal environments
Hands-on leadership operationalizing and tuning SIEM/SOAR (preferably Splunk Enterprise Security) content and playbooks
Practical application of FedRAMP Moderate/High, NIST 800-53, DoD CC SRG, RMF, and DISA STIGs to IR processes and tooling

Preferred

Bachelor's degree in Computer Science, Cybersecurity, or a related field
Have or be able to obtain advanced DoD 8140 DCWF certification
Experience operating in U.S. government cloud regions (AWS GovCloud/Secret or Azure Government/DoD/Secret) with DoD IL5/IL6 constraints

Benefits

Various health plans
Time off plans for vacation and sick time
Parental leave options
Retirement options
Education reimbursement
In-office perks, and more!

Company

Zscaler

twittertwittertwitter
Glassdoor4.0
company-logo
Zscaler is a global cloud-based information security company that enables secure digital transformation for mobile and cloud.
dateFounded in 2008
location
San Jose, California, USA
people-size5001-10000 employees
web-link
https://www.zscaler.com

Funding

Current Stage
Public Company
Total Funding
$1.67B
Key Investors
TPG GrowthLightspeed Venture Partners
2025-07-01Post Ipo Debt· $1.5B
2024-04-23Post Ipo Equity· $22.7M
2018-03-16IPO

Leadership Team

leader-logo
Jay Chaudhry
CEO, Chairman & Founder
linkedin
leader-logo
Hemant Dabke
Area Vice President
linkedin

Recent News

Benzinga.com
Zscaler Is 30% Below Its Peak — Can A New Growth Chief Fight A Bearish Trend?
2026-01-09
The Hacker News
Researchers Uncover NodeCordRAT Hidden in npm Bitcoin-Themed Packages
2026-01-09
GlobeNewswire
Zscaler Appoints Sunil Frida as Chief Marketing Officer to Drive Next Phase of Global Growth
2026-01-06
Company data provided by crunchbase