Job Requirements
Arlington, VA
Top Secret/SCI Polygraph not specified
Senior Level Career (10+ yrs experience)
$145,000 - $155,000
Job Description
Cyber Incident Response Expert (TS/SCI)
Location: Arlington, VA
Clearance: Active TS/SCI required
Contact Recruiter: Brenton Anderson
Email: banderson3@kforce.com
LinkedIn: https://www.linkedin.com/in/myitrecruiterbrenton/
Overview
We are seeking a highly skilled Cyber Incident Response Expert to support a mission-critical federal cybersecurity program focused on protecting national infrastructure. This role sits on a front-line team responsible for proactive threat hunting and rapid response to sophisticated cyber incidents across enterprise and critical environments.
This is a high-impact opportunity to work alongside elite cybersecurity professionals conducting advanced investigations, containment, and remediation of complex threats.
Key Responsibilities
Serve as a subject matter expert (SME) for cyber hunt and incident response activities
Analyze threat actor tactics, techniques, and procedures (TTPs) to detect and mitigate risks
Lead and support incident response efforts, including containment, eradication, and recovery
Conduct deep analysis of endpoint and network data to identify indicators of compromise
Produce executive-level summaries and detailed technical reports
Develop and recommend targeted mitigation and remediation strategies
Provide technical guidance to stakeholders and response teams during active incidents
Support proactive threat hunting across enterprise environments
Document findings and contribute to internal knowledge bases
Collaborate across distributed teams and advise on countermeasure implementation
Required Qualifications
Active TS/SCI clearance
Ability to obtain additional federal suitability as required
7+ years of relevant cybersecurity experience
3+ years supporting or developing cyber response capabilities
Strong experience in incident response and threat hunting
Solid understanding of network architecture and security principles
Experience analyzing system and application vulnerabilities
Knowledge of attack methods, kill chains, and adversarial behaviors
Proficiency with Windows and Linux/Unix environments
Strong written and verbal communication skills
Ability to work independently and collaboratively in fast-paced environments
Willingness to travel domestically on short notice
Preferred Qualifications
Experience leading or mentoring technical teams
Knowledge of cyber defense policies and operational frameworks
Familiarity with a range of threat environments, including advanced adversaries
Hands-on experience with intrusion detection, event correlation, and threat analysis
Exposure to identity and access management (IAM) tools
Ability to assess enterprise environments from a security architecture perspective
Understanding of defense-in-depth strategies
Background in network or system administration
Education
Bachelor’s degree in Computer Science, Cybersecurity, Engineering, or a related field
OR
High School Diploma with 7+ years of relevant technical experience
Certifications (Preferred)
One or more of the following:
DoD 8140-aligned certifications (IAT Level II, IASAE II, CSSP Analyst/Incident Responder)
GIAC certifications (GCIA, GCIH, GNFA)
CEH or equivalent
Other advanced cybersecurity certifications
The pay range is the lowest to highest compensation we reasonably in good faith believe we would pay at posting for this role. We may ultimately pay more or less than this range. Employee pay is based on factors like relevant education, qualifications, certifications, experience, skills, seniority, location, performance, union contract and business needs. This range may be modified in the future.
We offer comprehensive benefits including medical/dental/vision insurance, HSA, FSA, 401(k), and life, disability & ADD insurance to eligible employees. Salaried personnel receive paid time off. Hourly employees are not eligible for paid time off unless required by law. Hourly employees on a Service Contract Act project are eligible for paid sick leave.
Note: Pay is not considered compensation until it is earned, vested and determinable. The amount and availability of any compensation remains in Kforce's sole discretion unless and until paid and may be modified in its discretion consistent with the law.
This job is not eligible for bonuses, incentives or commissions.
Kforce is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.
By clicking “Apply Today” you agree to receive calls, AI-generated calls, text messages or emails from Kforce and its affiliates, and service providers. Note that if you choose to communicate with Kforce via text messaging the frequency may vary, and message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You will always have the right to cease communicating via text by using key words such as STOP.
We offer roles across all three clearance levels: Confidential, Secret and Top Secret. With a Top Secret Facilities clearance, a proven subcontractor track record and a deep understanding of agencies across Defense, Intelligence, Homeland, Justice and Federal Civilian Sectors, Kforce brings more than 20 years of experience to supporting critical missions at federal, state and local levels.