Cybersecurity Incident Response Engineer- Secret

Remote · USA Full-time New today

We are hiring for Jr, Mid, and SR levels for this role! This role requires an active Secret Clearance or within 24 months. Falsely claiming a DoD clearance can lead to serious legal consequences, including criminal charges under 18 U.S. Code § 1001, which may result in fines and imprisonment of up to five years. Clearance: Active Secret Clearance required Travel: Up to 10% We are seeking Cybersecurity Incident Response Engineer to support a mission-critical federal environment. This role is responsible for monitoring enterprise security tools, identifying potential threats, and supporting incident response efforts. The ideal candidate will have foundational cybersecurity knowledge, strong analytical skills, and the ability to operate in a fast-paced Security Operations Center (SOC).

Key Responsibilities

Monitor SIEM and security tools to detect, analyze, and correlate potential cybersecurity threats
Perform alert triage, including validating alerts, assessing severity, and escalating as needed
Differentiate false positives from legitimate security incidents
Support incident response activities, including evidence collection and containment efforts
Document investigations thoroughly for audit and reporting purposes
Follow SOC playbooks, procedures, and escalation protocols
Assist in tuning detection rules and improving alert accuracy
Collaborate with IT, operations, and risk teams to align with security policies and mission needs
Maintain awareness of security technologies such as firewalls, IDS/IPS, endpoint protection, and vulnerability scanners

Required Qualifications

Bachelor’s degree in Cybersecurity, IT, Computer Science, or related field (or equivalent experience)
1–10 years of experience in cybersecurity, IT operations, or related field
Basic understanding of cybersecurity principles and threat detection
Experience or familiarity with SIEM and other security tools
Active Secret Clearance (required)
Strong problem-solving, communication, and analytical skills

Preferred Qualifications

Experience in a SOC or 24/7 monitoring environment
Relevant Certification (Security+, CySA+, etc.)
Familiarity with incident response playbooks and procedures
Exposure to federal cybersecurity frameworks or compliance standards

Apply tot his job Apply To this Job

Apply

Cybersecurity Incident Response Engineer- Secret

Key Responsibilities

Required Qualifications

Preferred Qualifications

Related roles

Cybersecurity Analyst (SOC Analyst / Threat Monitoring & Response)

Cybersecurity Expert (OSCP Required)

Cybersecurity Influencer

TOC Cybersecurity Governance & Risk Analyst

Senior Cybersecurity Engineer, Secret Clearance

IT Security Engineer- Remote – United States

Application Security Engineer

Expert Incident Response / Threat / Purple Teaming Engineer

IT Cyber Security Engineer

Senior Penetration Tester (WebApp and Network)

Quantitative Operations Officer II

Experienced Customer Service Associate – Insurance Industry Remote Role

Experienced Customer Support Representative – Remote Data Entry Opportunities at arenaflex

Regional Training Manager - Ground Handling Canada

Experienced Full Stack Customer Support Specialist – Spanish Language Expert – Work From Home Opportunity

Field Case Manager II

Experienced Part-Time Data Entry Clerk – Remote Opportunity at arenaflex

Experienced Customer Solutions Advisor – Transforming Delivery Experience for arenaflex Key for Business

Experienced Customer Service Advisor – Remote Work Opportunity at arenaflex

Experienced Data Entry Clerk – Digital Database Management and Customer Support