Federal Incident Response Lead (Principal Information Security Engineer) jobs in United States

Zscaler · 1 day ago

Federal Incident Response Lead (Principal Information Security Engineer)

Zscaler is a company focused on accelerating digital transformation and enhancing security for its customers. They are seeking a Federal Incident Response Lead to establish and lead incident response operations in a classified DoD environment, ensuring compliance with federal security practices.

Cloud Security, Cyber Security, Enterprise Software, Security
No H1B, Security Clearance Required, U.S. Citizen Only

Responsibilities

Establish and mature an Incident Response (IR) program within a new, dedicated, classified DoD environment (primarily DoD IL6 with FedRAMP and DoD IL5 support)
Lead end-to-end incident response, including triage, containment, eradication, recovery, and post-incident lessons learned with rigorous documentation
Stand up and lead a formal threat hunting capability to proactively investigate and mitigate potential security threats in an IL6 environment
Partner with security platform engineering to operationalize and tune SIEM/SOAR (Splunk Enterprise Security) content and playbooks, define detection requirements and coverage gaps, and ensure alerts are actionable for rapid response
Collaborate with cross-functional teams to develop and refine IR playbooks, procedures, and automation aligned with DoD CC SRG and FedRAMP

Qualification

Incident Response Leadership, Threat Hunting, SIEM/SOAR Operations, FedRAMP Compliance, NIST 800-53, DoD CC SRG, Cloud Security, Collaboration, Problem Solving, Adaptability

Required

US Citizenship and an active U.S. Secret Security Clearance (Top Secret preferred), with a willingness to participate in an on-call rotation (nights and weekends)
8+ years leading incident response and DFIR in DoD/classified environments, with proven incident command experience in 24/7 operations
Experience establishing IR programs and formal threat hunting functions in cloud-centric federal environments
Hands-on leadership operationalizing and tuning SIEM/SOAR (preferably Splunk Enterprise Security) content and playbooks
Practical application of FedRAMP Moderate/High, NIST 800-53, DoD CC SRG, RMF, and DISA STIGs to IR processes and tooling

Preferred

Bachelor's degree in Computer Science, Cybersecurity, or a related field
Have or be able to obtain advanced DoD 8140 DCWF certification
Experience operating in U.S. government cloud regions (AWS GovCloud/Secret or Azure Government/DoD/Secret) with DoD IL5/IL6 constraints

Benefits

Various health plans
Time off plans for vacation and sick time
Parental leave options
Retirement options
Education reimbursement
In-office perks, and more!

Company

Zscaler is a global cloud-based information security company that enables secure digital transformation for mobile and cloud.

Funding

Current Stage: Public Company
Total Funding: $1.67B
Key Investors: TPG Growth, Lightspeed Venture Partners
2025-07-01: Post IPO Debt · $1.5B
2024-04-23: Post IPO Equity · $22.7M
2018-03-16: IPO

Leadership Team

Jay Chaudhry
CEO, Chairman & Founder
Hemant Dabke
Area Vice President
Company data provided by Crunchbase