Cybersecurity Lead / Incident Response Coordinator

Falls Church, VA
Full Time
Experienced

We are seeking an experienced Cybersecurity Lead / Incident Response Coordinator to support a federal customer within the Department of Justice (DOJ). This individual will serve as the senior technical lead overseeing cybersecurity operations, incident response, vulnerability management, insider threat monitoring, compliance initiatives, and contractor personnel supporting a mission-critical enterprise environment.

This role requires a hands-on cybersecurity leader with experience managing technical teams, coordinating enterprise security operations, and advising senior government stakeholders on cybersecurity strategy, risk, and compliance.

Responsibilities

Program Leadership

  • Lead daily cybersecurity operations supporting a federal enterprise environment.
  • Serve as the primary technical point of contact for government leadership and program stakeholders.
  • Supervise and mentor cybersecurity personnel, balancing workloads and ensuring high-quality performance.
  • Manage task assignments, deliverables, quality assurance activities, and program reporting.
  • Support contract management activities including status reporting, risk management, and performance tracking.
  • Participate in executive briefings, program reviews, and strategic planning meetings.

Incident Response & Security Operations

  • Lead enterprise incident response efforts from detection through containment, eradication, recovery, and lessons learned.
  • Coordinate investigations involving security incidents, malware infections, insider threats, and unauthorized activity.
  • Analyze security alerts from SIEM, SOAR, EDR, IDS/IPS, DLP, and endpoint protection platforms.
  • Conduct threat hunting and forensic analysis to identify indicators of compromise and emerging threats.
  • Oversee vulnerability management activities including scanning, prioritization, remediation tracking, and reporting.
  • Develop and maintain incident response procedures, playbooks, and standard operating procedures.

Security Governance & Compliance

  • Develop cybersecurity policies, procedures, standards, and security documentation.
  • Ensure compliance with federal cybersecurity requirements including NIST, FISMA, OMB, and DOJ guidance.
  • Support security audits, assessments, risk management activities, and continuous monitoring initiatives.
  • Develop executive dashboards, cybersecurity metrics, and risk reporting for leadership.
  • Coordinate security initiatives across infrastructure, applications, cloud, and enterprise systems.
Minimum Qualifications
  • Bachelor's degree in Cybersecurity, Information Security, Computer Science, Information Technology, Engineering, or a related field.
    • Relevant professional experience may be substituted for a degree.
  • Minimum 5 years of cybersecurity experience supporting Federal Government environments.
  • Minimum 3 years leading or supporting:
    • Security Operations Centers (SOC)
    • Cyber Incident Response
    • Vulnerability Management
    • Threat Hunting
  • Experience leading technical teams within fast-paced operational environments.
  • Experience supporting enterprise cybersecurity operations within regulated federal environments.
  • U.S. Citizenship required.
  • Ability to obtain and maintain a DOJ Public Trust.
Required Technical Experience

Experience with one or more of the following:

  • SIEM platforms (Splunk, Microsoft Sentinel, QRadar, Elastic, etc.)
  • SOAR platforms
  • Endpoint Detection & Response (EDR)
  • Tenable, Nessus, BigFix, or other vulnerability management solutions
  • IDS/IPS technologies
  • Threat intelligence platforms
  • Malware analysis
  • Digital forensics
  • Security monitoring
  • Log analysis
  • Threat hunting
  • Vulnerability remediation
  • Security assessments
Required Knowledge
  • NIST Cybersecurity Framework
  • NIST 800-series publications
  • FISMA
  • OMB Circular A-130
  • Federal cybersecurity compliance requirements
  • Incident response lifecycle
  • Security Operations Center best practices
  • Enterprise vulnerability management
  • Risk assessment methodologies
  • Information security governance

Preferred Qualifications

Candidates with one or more of the following are highly desired:

  • CISSP
  • CISM
  • GCIH
  • CySA+
  • Security+
  • CEH
  • CASP+
  • Experience supporting DOJ, DHS, DoD, or other Federal civilian agencies.
  • Experience with cloud security (Azure, AWS, or Microsoft 365).
  • Experience preparing executive-level briefings and cybersecurity metrics.
  • Experience developing security policies, playbooks, and standard operating procedures.
  • Experience supporting enterprise incident response and forensic investigations.

Desired Skills

  • Strong leadership and team management abilities
  • Excellent written and verbal communication skills
  • Executive presentation and briefing experience
  • Strong analytical and problem-solving skills
  • Ability to prioritize multiple initiatives in a mission-critical environment
  • Strong customer service and stakeholder management skills
  • Experience collaborating across technical and non-technical teams
Share

Apply for this position

Required*
We've received your resume. Click here to update it.
Attach resume as .pdf, .doc, .docx, .odt, .txt, or .rtf (limit 5MB) or Paste resume

Paste your resume here or Attach resume file

Human Check*