Incident Manager Level III (Computer Network Defense) *******Requires US Security clearance****** jobs in United States
ARGO Cyber Systems · 4 months ago


Argo Cyber Systems delivers mission-critical cybersecurity and incident response services to U.S. Government agencies and critical infrastructure sectors. They are seeking an experienced Cyber Incident Manager to lead and coordinate incident response operations for a high-profile U.S. Government customer, overseeing the triage, analysis, and resolution of cybersecurity events across federal civilian networks and critical assets.

Cyber Security, Enterprise Software, Information Technology, Internet
No H1B; Security Clearance Required; U.S. Citizen Only

Responsibilities

Lead and manage incident response and cyber defense operations, ensuring timely containment, eradication, and recovery
Correlate and analyze incident data to identify trends, adversary tactics, and systemic vulnerabilities
Conduct Computer Network Defense (CND) triage, assessing scope, urgency, and operational impact of security events
Develop and recommend Defense-in-Depth strategies, layered defense architectures, and resilience improvements
Research and document resolutions and mitigations to support enterprise recovery and strengthen future defenses
Apply cybersecurity and threat intelligence concepts to detect, analyze, and respond to intrusions in both small and large-scale network environments
Monitor and assess external threat data sources to maintain situational awareness and anticipate potential impacts to the enterprise
Lead the investigation of incident root causes, infection vectors, and attacker methodologies
Receive, analyze, and validate security alerts from enterprise monitoring tools, escalating as appropriate
Track and document all incident response activities from detection through closure, ensuring comprehensive reporting and lessons learned
Support continuous improvement by refining processes, updating playbooks, and mentoring junior analysts

Qualification

Cyber incident management, Incident response methodologies, NIST SP 800-61, Threat intelligence concepts, SIEM, EDR platforms, Malware detection techniques, MITRE ATT&CK framework, Coordination skills, Leadership skills, Communication skills

Required

U.S. Citizenship (required)
Active TS/SCI clearance (required)
Ability to obtain DHS Entry on Duty (EOD) Suitability
5+ years of hands-on experience in cyber incident management or SOC/DFIR operations
Deep understanding of incident response methodologies, containment strategies, and recovery workflows
Working knowledge of NIST SP 800-61 Rev.2 (Computer Security Incident Handling Guide) and FISMA incident reporting standards
Strong ability to analyze, prioritize, and document incidents, including phishing, lateral movement, and privilege escalation cases
Comprehensive understanding of cyberattack lifecycle stages and adversary tactics, techniques, and procedures (TTPs)
Proficiency in identifying vulnerabilities, threat vectors, and exploitation patterns
Knowledge of operating system hardening, network defense, and system administration fundamentals
Familiarity with nation-state, criminal, and opportunistic threat actor profiles and their operational tradecraft
Excellent communication, coordination, and leadership skills in high-pressure, mission-driven environments
Bachelor's Degree in Cybersecurity, Computer Science, Information Systems, or related discipline or High School Diploma with 7-9 years of directly relevant experience in cyber incident response or network defense

Preferred

Proficiency with enterprise SIEM, EDR, and incident management platforms (e.g., Splunk, SentinelOne, CrowdStrike, ServiceNow)
Experience leading shift-based operations or 24x7 response teams
Deep knowledge of malware, intrusion detection, and threat hunting techniques
Familiarity with log analysis, packet capture, and intrusion detection systems (IDS/IPS)
Strong understanding of MITRE ATT&CK framework and cyber kill chain methodology

Company

ARGO Cyber Systems

Argo Cyber Systems provides managed cyber monitoring services for businesses and other environments.

Funding

Current Stage
Early Stage
Total Funding
unknown
2020-10-05 Pre Seed
Company data provided by crunchbase