Cyber Defense Incident Responder (Public Trust) with ...

What you will be doing The Cyber Defense Incident Responder has the primary responsibility of investigating incidents, conducting forensic analysis, and determining root causes for complex incident response scenarios. The Cyber Defense Incident Responder will be responsible for advising what actions are needed to various stakeholders. Responsibilities: * Identifies, analyzes, and mitigates threats to internal information technology (IT) systems and/or networks. * Uses defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur or might occur within the network to protect information, information systems, and networks from threats. * Uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threats. * Provide recommendations for process improvement and monitoring capability * Perform risk analyses and risk assessments Experience: * 7+ years of SOC experience, 3+ years working at a senior/lead capacity. * Direct experience executing Incident Handling and Response activities. * Understanding of Security tools and the Security Stack. * Working knowledge of Splunk. Basic understanding of network protocols and packet analysis tools. Cyber Security background. Hours of Work Contractor staff will be assigned to support shifts on a schedule that provides coverage 24 hours a day, 7 days a week including Federal holidays and government closures unless otherwise approved, in writing, by the COR. The primary place of performance is in Washington DC. Up to 2 days of remote work may be possible with written approval from the customer. Required: * Public Trust Clearance * Must be a U.S. Citizen * Must successfully complete an FBI fingerprint check * Contractors must successfully pass a seven-year criminal background check and five-panel drug screen prior to working on this project Education Bachelor''s Degree, preference in Information Systems or Computer Science. Splunk Fundamentals I & II is required and one or more advanced certifications, including but not limited to: CISSP, GCIH, GCIA Equal Opportunity Employer: Disability/Veteran About Tyto Athene Tyto is an IT services and solutions company that provides mission-focused digital transformation to enhance the client experience and enable them to achieve desired outcomes. Tyto''s services and solutions embody its domain expertise in four major Technology domains: Network Modernization, Hybrid Cloud, Cyber Security, and Enterprise IT. Tyto offers a broad range of service delivery models including design/install projects, Managed Services, and ''As-a-Service''. With over fifty years of experience, Tyto supports Defense, Intelligence, Space, National Security, Civilian, Health and Public Safety clients across the United States and around the globe. After several strategic acquisitions in 2021, Tyto Athene has experienced enormous opportunity and growth. Aside from being the leading provider of mission-focused IT and Cyber services and solutions to critical U.S. government agencies, Tyto is well-positioned to meet the growing demand for network modernization requirements across the federal enterprise. Our employees are the key to the innovation that has made Tyto a success. We provide an environment that is geared to reward potential, innovation, and teamwork. If you would like to unleash your creativity and your career -- it''s time to join Team Tyto! Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled

Created: 2025-11-01