ARGO Cyber Systems · 2 months ago
Cyber Incident Manager III
Argo Cyber Systems is a Service-Disabled Veteran-Owned Small Business providing mission-critical cybersecurity support to U.S. Government agencies. The Cyber Incident Manager will lead onsite incident response operations, coordinating incident handling, forensic triage, and threat mitigation for high-impact cyber events.
Cyber Security, Enterprise Software, Information Technology, Internet
Responsibilities
Direct and coordinate incident response activities across diverse environments, ensuring rapid containment, accurate impact assessment, and effective recovery
Correlate and analyze incident data to identify patterns, trends, and emerging threats
Perform triage and scoping of cyber incidents to determine severity, urgency, and operational impact
Apply Defense-in-Depth principles and best practices to strengthen enterprise resilience
Investigate indicators of compromise (IOCs), malware behavior, and intrusion vectors using host and network data
Research and document resolution steps, mitigations, and workarounds for ongoing or recurring incidents
Develop and maintain incident response procedures and playbooks aligned with NIST SP 800-61 Rev.2 and FISMA reporting requirements
Monitor external intelligence sources and threat feeds to maintain situational awareness of current threat conditions
Track, document, and brief incident lifecycle progress from detection through closure, ensuring accurate reporting and escalation to senior stakeholders
Collaborate with cross-functional teams (including threat analysts, forensics personnel, SOC operators, and federal incident coordinators) to provide a unified, mission-focused response
Qualification
Required
U.S. Citizenship
Active TS/SCI clearance (must be able to obtain DHS EOD Suitability)
5+ years of directly relevant experience in cyber incident management, SOC operations, or DFIR roles
Strong understanding of incident response methodologies, frameworks, and reporting requirements under NIST SP 800-61 and FISMA
Demonstrated ability to analyze, prioritize, and document incidents within enterprise or federal environments
Solid grasp of attack lifecycle stages and common adversary tactics (reconnaissance, exploitation, privilege escalation, persistence, exfiltration, etc.)
Knowledge of system administration, OS hardening, and defensive security controls across Windows, Linux, and hybrid environments
Familiarity with CND policies, procedures, and regulatory frameworks
Understanding of threat actor typologies (e.g., opportunistic, organized criminal, nation-state) and their operational tradecraft
Excellent written and verbal communication skills for technical and executive reporting
Bachelor's Degree in Cybersecurity, Information Systems, Computer Science, or related discipline, or High School Diploma with 7-9 years of relevant incident management or cybersecurity experience
Preferred
Proficiency with SIEM, EDR, and network forensic tools (e.g., Splunk, SentinelOne, Elastic, Wireshark)
Experience conducting or managing shift-based or 24×7 cyber operations
Advanced knowledge of malware analysis, log correlation, and network defense methodologies
Familiarity with incident ticketing and tracking systems (e.g., ServiceNow, Jira, Remedy)
Strong analytical mindset and ability to lead during high-pressure operational events
GCIH, GCFA, GISP, GCED, CCFP, CISSP, or equivalent
Company
ARGO Cyber Systems
Argo Cyber Systems provides managed cyber monitoring services for businesses and other environments.
Funding
Current Stage: Early Stage
Total Funding: unknown
2020-10-05: Pre Seed
Recent News
2022-03-14
Company data provided by crunchbase