Cybersecurity Incident Response Engineer, Jr

The Cybersecurity Incident Response Engineer, Jr. monitors enterprise security tools and logs to detect, analyze, and triage potential cybersecurity threats targeting missionu2011critical systems and data. The role performs initial investigations, distinguishes false positives from genuine incidents, and escalates significant events to senior analysts or incident responders as appropriate. The analyst supports basic containment and response actions, documents events and findings, and helps fineu2011tune security controls to improve detection fidelity in a highly regulated federal IT environment. Key Responsibilities + Monitor SIEM and other security tooling to review events, correlate logs from multiple sources, and identify suspicious patterns that may indicate cybersecurity threats or policy violations. + Perform Tier 1 alert triage by validating alert context, determining severity and potential impact, filtering out false positives, and generating wellu2011documented tickets for escalation. + Assist with incident response activities, including gathering evidence, capturing indicators of compromise, and supporting containment and recovery steps under guidance of senior analysts. + Document investigations thoroughly, including timelines, data sources reviewed, actions taken, and handoffs, to support audit requirements and followu2011on analysis. + Maintain familiarity with common security technologies such as firewalls, IDS/IPS, endpoint protection, and vulnerability scanners, and interpret how their alerts surface within SOC tools. + Follow established SOC standard operating procedures, playbooks, and reporting formats, and contribute feedback to improve them as detection and response capabilities mature. + Support continuous tuning of rules, use cases, and dashboards to reduce noise, enhance detection accuracy, and improve visibility into the client environment. + Collaborate with IT, operations, and risk teams to align monitoring and response activities with cybersecurity policies, regulatory expectations, and mission priorities. Required Qualifications + Bacheloru2019s degree in IT, Computer Science, Cybersecurity, or related field, or equivalent relevant experience. + 0u20133 years of experience in cybersecurity, IT operations, or related technical roles with exposure to security monitoring and incident triage. + Foundational understanding of cybersecurity concepts, common attack techniques, and the role of a security operations center in detection and response. + Handsu2011on familiarity with security tools such as SIEM, firewalls, IDS/IPS, endpoint protection, or vulnerability scanners, and ability to interpret basic alerts and logs. + Active SECRET clearance or ability to obtain and maintain required clearance. + U.S. citizenship required to support federal information security requirements. + Strong analytical, problemu2011solving, communication, and teamwork skills, with the ability to manage multiple alerts and tasks in a fastu2011paced SOC environment. Preferred Qualifications + Experience working in or supporting a 24x7 SOC environment, including shift work and effective handoff practices for ongoing incidents. + Entryu2011level security certifications such as Security+, CySA+, or similar that validate core defensive operations knowledge. + Experience following or implementing documented playbooks, runbooks, or standard operating procedures in a security or IT operations context. + Familiarity with federal cybersecurity policies, control frameworks, or agencyu2011specific security requirements. Compensation Ranges Compensation ranges for ASM Research positions vary depending on multiple factors; including but not limited to, location, skill set, level of education, certifications, client requirements, contract-specific affordability, government clearance and investigation level, and years of experience. The compensation displayed for this role is a general guideline based on these factors and is unique to each role. Monetary compensation is one component of ASM's overall compensation and benefits package for employees. EEO Requirements It is the policy of ASM that an individual's race, color, religion, sex, disability, age, sexual orientation or national origin are not and will not be considered in any personnel or management decisions. We affirm our commitment to these fundamental policies. All recruiting, hiring, training, and promoting for all job classifications is done without regard to race, color, religion, sex, disability, or age. All decisions on employment are made to abide by the principle of equal employment. Physical Requirements The physical requirements described in

Created: 2026-04-29