Cyber Defense Cloud Incident Responder jobs in United States

ASRC Federal · 1 day ago

Cyber Defense Cloud Incident Responder

ASRC Federal is a leading government contractor focused on missions in space, public health, and defense. They are seeking a Cyber Defense Cloud Incident Responder to support a DCSA cybersecurity program by detecting, analyzing, and responding to security incidents in cloud-hosted environments.

Consulting, Government, Information Technology, Logistics, Professional Services, Space Travel, Staffing Agency
No H1B; Security Clearance Required; U.S. Citizen Only

Responsibilities

Monitor AWS, Azure, and/or Google Cloud environments for malicious or anomalous activity using SIEM, SOAR, and cloud-native security tooling
Analyze logs, telemetry, alerts, and cloud audit data to identify indicators of compromise (IOCs) and attack patterns
Tune detection logic and alerting to reduce false positives and improve response fidelity
Lead and support incident response activities across the full lifecycle: identification, containment, eradication, recovery, and lessons learned
Perform root cause analysis and impact assessments for cloud-related security incidents
Coordinate response actions with SOC analysts, engineering teams, system owners, and government stakeholders
Document incidents, response actions, and remediation recommendations in accordance with government reporting requirements
Leverage threat intelligence sources to identify emerging threats targeting cloud platforms and federal environments
Map adversary activity to MITRE ATT&CK and cloud-specific threat models
Recommend defensive improvements based on observed tactics, techniques, and procedures (TTPs)
Identify cloud misconfigurations, exposed services, and security gaps
Support vulnerability assessments and remediation prioritization for cloud-hosted systems
Advise on security controls aligned to NIST and DoD requirements
Support compliance activities aligned to NIST 800-53, RMF, and DoD cybersecurity requirements
Assist with security documentation, evidence collection, and audit response
Validate cloud security configurations against established baselines and policies

Qualification

Cloud Security Operations, Incident Response, Threat Intelligence, Vulnerability Management, AWS, Azure, Google Cloud, SIEM/SOAR, NIST 800-53, Team Coordination, Communication Skills, Documentation Skills

Required

Two (2) to Four (4) years' hands-on cybersecurity experience in one or more of the following: Incident Response or Threat Hunting within a mid-to-large enterprise, SOC operations supporting cloud or hybrid environments, Enterprise vulnerability management or endpoint/cloud security operations
Active Top Secret (TS) Clearance REQUIRED, eligible to be upgraded to TS/SCI
DoD 8570 Information Assurance (IA) Program / DoD 8140 Cyber Workforce Qualification Program (CWQP): Must meet DoD 8570.01-M IAT Level II or IAM Level II requirements at a minimum. At least one active qualifying certification required, including but not limited to: CompTIA Security+ CE, CompTIA CySA+, CompTIA SecX CE, SSCP, GCIH, GCED, GCIA, GSEC, CEH, PenTest+, Cloud+, GICSP, CISSP (or Associate)
Bachelor's degree in Cybersecurity and/or Information Systems Management, or an equivalent combination of education, experience and military service
Cloud Platform experience: Practical experience securing AWS, Azure, and/or Google Cloud environments
Security Tooling: Experience with SIEM/SOAR platforms such as Splunk, Elastic, Swimlane, or equivalent
Incident Response: Proven experience executing IR playbooks and responding to real-world security incidents
Networking & Systems: Strong understanding of TCP/IP, DNS, authentication mechanisms, operating systems, log analysis, and cloud architecture
Frameworks & Standards: Familiarity with NIST Cybersecurity Framework, NIST 800-53, and RMF concepts
Analysis & Reporting: Ability to clearly document findings, response actions, and technical recommendations

Preferred

Experience supporting classified or DoD environments
Familiarity with cloud-native security services (e.g., Amazon GuardDuty, AWS Security Hub, Microsoft Defender for Cloud, Google Security Command Center)
Experience with automation, scripting, or SOAR workflows
Exposure to threat hunting or advanced adversary analysis

Benefits

Health care
Dental
Vision
Life insurance
401k
Education assistance
Paid time off
Holidays
Any other paid leave required by law

Company

ASRC Federal

ASRC Federal provides mission-critical services to federal government agencies dedicated to defense, civil and intelligence support.

Funding

Current Stage
Late Stage

Leadership Team

Jennifer Felix
President & Chief Executive Officer
Joseph Winthrop
Chief Financial Officer
Company data provided by crunchbase