Cyber Incident Response Team (CIRT) Lead (SME)

Job description

Responsibilities We are seeking a highly skilled and innovative Cyber Incident Response Team (CIRT) Lead (SME) to join our team in the greater DMV area, supporting the Army National Guard. Responsibilities: - Provide enterprise technical authority for cyber incident response: establish doctrine, escalation frameworks, investigative standards, and adjudication processes aligned with DoD, Army, and NIST guidance. - Advise senior leadership during high‑severity incidents on containment strategy, operational risk, recovery priorities, and risk tradeoffs. - Oversee development, validation, and lifecycle management of incident response playbooks, forensic methodologies, adversary mapping techniques, and chain‑of‑custody procedures to ensure defensible investigative outcomes. - Integrate threat intelligence, threat hunting insights, and vulnerability data into enterprise response strategy to improve detection fidelity and inform remediation priorities. - Guide optimization and architectural alignment of SOC/CIRT tooling (EDR/XDR, SOAR, forensics, packet capture) to ensure operational readiness and scalability. - Direct cross‑organizational coordination with RCC‑ARNG, NETCOM, ARCYBER, engi...