Incident Responder

Summary

As an Incident Responder, you will lead cybersecurity investigations within the Computer Security Incident Response Team (CSIRT), collaborating with internal teams and external partners while ensuring compliance with all applicable regulations. You will document and present findings, assess and enforce security policies, and evaluate technical solutions to strengthen network defenses. Responsibilities include analyzing logs from security systems, validating architecture designs, recommending hardware and software changes, and implementing security directives across server environments. Additionally, you will maintain data integrity, communicate potential business impacts of security threats, and act decisively to protect organizational assets and information. 

Your role in our mission

• Leads cybersecurity investigations within the Computer Security Incident Response Team (CSIRT). 
• Document and present investigation findings. 
• Work with internal and external partners, including law enforcement, to conduct investigations.
• Follow applicable local, Federal, and State guidance, regulations, and laws in conducting investigations. 
• Develops technical and programmatic assessments, evaluates engineering and integration initiatives and provides technical support to assess security policies, standards and guidelines. Implements, enforces and communicates security policies and/or plans for data, software applications, hardware and telecommunications. 
• Performs product evaluations, recommends and implements products/services for network security.
• Validates and tests security architecture and design solutions to produce detailed engineering specifications with recommended vendor technologies. 
• Analyzes outputs and logs from firewalls, intrusion detection systems, enterprise anti-virus systems and software deployment tools. 
• Reviews and recommends the installation, modification or replacement of hardware or software components and any configuration change(s) that affects security. 
• Provides enforcement of security directives, orders, standards, plans and procedures at server sites. 
  Maintains data and communicates to management the impact on business/customer caused by theft, destruction, alteration or denial of access to information.

What we're looking for

• Bachelor's degree in cybersecurity, computer science, or related field preferred.
• Six or more years of experience in network, host, data and/or application security in multiple operating system environments.
• Experience working with IP networking, networking protocols and understanding of security related technologies including encryption, IPsec, PKI, VPNs, firewalls, proxy services, DNS, electronic mail and access-lists.
• Experience working with internet, web, application and network security techniques.
• Experience working with relevant operating system security (Windows, Solaris, Linux, etc.).
• Experience working with leading firewall, network scanning and intrusion detection products and authentication technologies.
• Experience working with federal regulations related to information security (FISMA, Computer security Act, HIPAA, etc.).
• Experience working with NIST Special Publications and C & A process methodology.
• Possess security certifications (CISSP, CCNA, etc).

What you should expect in this role

• This opportunity is 100% remote, based in the U.S.

The deadline to submit applications for this posting is November 3, 2025.