
Tyto Athene, LLC · 1 day ago

Incident Response Team Lead

Tyto Athene is searching for a forward-thinking and self-motivated Incident Response Team Lead to support a law enforcement customer in Washington, DC. This role requires strong organizational skills and the ability to perform complex tasks quickly while leading incident response activities and mentoring junior staff.

Information Technology
Work & Life Balance
No H1B; Security Clearance Required; U.S. Citizen Only
Hiring Manager
Suzanne Murphy

Responsibilities

Utilize state-of-the-art technologies such as host forensics tools (FTK/EnCase), Endpoint Detection & Response tools, log analysis (Splunk), and network forensics (full packet capture solution) to perform hunt and investigative activity against endpoint and network-based data
Conduct malware analysis, host and network forensics, log analysis, and triage in support of incident response
Recognize attacker and APT activity, tactics, and techniques that can be used to improve monitoring, analysis, and incident response
Develop and build security content, scripts, tools, or methods to enhance the incident investigation processes
Lead Incident Response activities and mentor junior staff
Work with key stakeholders to implement remediation plans in response to incidents
Effectively investigate incidents, identify root cause, and communicate findings to stakeholders including technical staff and leadership
Author Standard Operating Procedures (SOPs) and training documentation when needed
Generate end-of-shift reports for documentation and knowledge transfer to subsequent analysts on duty

Qualification

Cybersecurity experience, incident response leadership, CISSP certification, SIEM systems, EDR tools, IDS/IPS, digital forensics, scripting experience, communication skills, organizational skills

Required

Minimum five (5) years of progressive experience in cybersecurity, information security, security engineering, network engineering, incident response, systems architecture, or data management with a cybersecurity focus
Bachelor's degree in Computer Engineering, Computer Science, Information Technology, or Cybersecurity (or eight (8) years of relevant work experience in lieu of degree)
Required Certification: Certified Information Systems Security Professional (CISSP)
Proficient experience with: Security Information and Event Management (SIEM) systems
Proficient experience with: Endpoint Detection & Response (EDR) tools
Proficient experience with: Intrusion Detection & Prevention Systems (IDS/IPS)
Proficient experience with: Digital forensic and case management platforms
Proven experience leading cyber incident response efforts and coordinating with technical and non-technical stakeholders
TS/SCI Clearance required

Preferred

Knowledge of and experience with scripting and programming (Python, Perl, etc.) are highly preferred
Desirable certifications include, but are not limited to: GCIH, GCIA, GCFE, GREM, GCFA, GSEC
Security+
CEH, CISSP, CCNA (Security), or equivalent certifications
CySA+

Company

Tyto Athene, LLC

At Tyto Athene, we help turn Data to Dominance.

Funding

Current Stage
Late Stage

Leadership Team

Dennis Kelly
Chief Executive Officer
Peter O'Donoghue
Chief Technology Officer
Company data provided by crunchbase