Cyber Defense Incident Responder

Job Title: Cyber Defense Incident Responder (Level 4-6)
Location: Oak Ridge, TN (Hybrid)
Clearance Required: Q Clearance (Active DOD Top Secret with eligibility for Q clearance through reciprocity is acceptable)
Travel Required: Yes
Travel Frequency: Approximately 20 trips per year, 50% initially to catch up, then drops to 25%

Position Overview:

We are seeking an experienced Cyber Defense Incident Responder to join our team in Oak Ridge, TN. This hybrid role is focused on monitoring, detecting, and responding to cybersecurity incidents across various systems and networks. The ideal candidate will have extensive experience in incident response, threat hunting, and mitigation strategies to ensure the protection of critical infrastructure. You will work in collaboration with internal teams to resolve incidents, implement cybersecurity measures, and ensure compliance with security standards.

Key Responsibilities:

• Monitor network traffic and security alerts to detect and respond to cybersecurity incidents in real-time.
• Conduct incident investigations, determine root causes, and develop containment and remediation plans.
• Perform threat hunting to identify potential vulnerabilities and indicators of compromise (IOCs).
• Collaborate with IT and cybersecurity teams to improve security measures and reduce future incidents.
• Ensure compliance with federal cybersecurity standards, including NIST SP 800-53 and other relevant frameworks.
• Create incident reports and maintain documentation of incident response activities.
• Provide training and guidance to team members on cybersecurity best practices and incident handling.
• Participate in tabletop exercises and simulated incident response activities to improve team readiness.

Qualifications and Skills:

• 5-10 years of experience in incident response, threat hunting, and cybersecurity operations.
• Strong knowledge of NIST SP 800-53, cybersecurity frameworks, and federal security standards.
• Hands-on experience with security tools such as SIEM, intrusion detection systems (IDS), and network monitoring tools.
• Excellent problem-solving skills with the ability to quickly analyze and resolve incidents.
• Effective communication skills for collaboration with cross-functional teams and stakeholders.
• Bachelor’s degree in Information Technology, Cybersecurity, or related field preferred.
• Active Q Clearance or DOD Top Secret clearance with eligibility for Q clearance.

Qualifications and Skills:

• 5-10 years of experience in cybersecurity analysis, incident response, and vulnerability management.
• Strong knowledge of NIST SP 800-53, risk management frameworks, and other relevant cybersecurity policies and standards.
• Proven ability to analyze and mitigate cybersecurity threats and incidents.
• Experience with security information and event management (SIEM) tools, network traffic analysis, and security audits.
• Excellent communication and collaboration skills, with the ability to work effectively with cross-functional teams.
• Bachelor’s degree in Information Technology, Cybersecurity, or related field is preferred.
• Active Q Clearance or DOD Top Secret clearance with eligibility for Q clearance.

Specific Deliverables:

• Perform real-time monitoring and response to cybersecurity incidents and threats.
• Ensure compliance with federal cybersecurity policies, including NIST SP 800-53.
• Conduct regular vulnerability assessments and provide comprehensive reports.
• Develop and maintain cybersecurity documentation and risk management strategies.
• Collaborate with internal teams to enhance cyber defense mechanisms and ensure asset protection.

*Duties and responsibilities in this Job listing are not all inclusive and subject to change. For more specific information, please reach out the Rampant Hiring Team.