Incident Responder, Journeyman

Job description

Responsibilities We are seeking a highly skilled and innovative Incident Responder to join our team in the greater DMV area, supporting the Army National Guard. Responsibilities: - Triage alerts, analyze SIEM, EDR, network telemetry, and application logs to identify indicators of compromise and suspected security incidents. - Execute containment actions per playbooks: isolate hosts, disable accounts, block network traffic, and implement temporary mitigations. - Collect, preserve, and document forensic artifacts, system logs, and evidence for escalation and deeper analysis. - Investigate incidents: perform root‑cause analysis, validate detections, and track remediation progress through case records. - Coordinate response activities with SOC analysts, CIRT teams, network operations, cybersecurity engineers, and stakeholders. - Validate remediation steps, retest affected systems, and confirm eradication of threats prior to closure. - Maintain incident timelines, produce technical updates and incident summaries, and support after‑action reviews. - Identify recurring patterns, visibility gaps, and detection shortfalls; recommend improvements to monitoring and detection coverage. - Contr...