Job Description

This job opportunity is part of a RFP process; candidates are invited to submit their resumes detailing relevant experience. 

Job Title:  Cyber Incident Response Specialist, Senior

Work Location : Washington DC (Onsite)

Clearance:  Public Trust 

Required:  US citizen or Lawful Permanent Resident

LCG is a minority-owned technology consulting firm that has been a trusted partner to more than 40 federal agencies, including 21 of the 27 Institutes and Centers (ICs) at the National Institutes of Health (NIH). For over 25 years, LCG has brought digitization and innovation to the Health and Human Services (HHS) and the NIH ecosystems. We support IT organizations by bringing precision technology and operation models that achieve mission capabilities and performance success.

Job Summary: 

LCG’s Growth Team is seeking an experienced Cyber Incident Response Specialist, Senior . As Cyber Incident Response Specialist, Senior , you will play a critical role in monitoring, investigating, and responding to cybersecurity incidents across client networks. You will analyze alerts from the Security Operations Center (SOC) and third-party notifications, work with enterprise system owners to remediate threats, and document knowledge to enhance the team's response capabilities. This role also involves identifying security tool outages, participating in process improvements, and advising on automation strategies to strengthen incident response operations.

This position requires strong technical expertise in incident response, security tools, and automation. You'll work with emerging security technologies, including deception infrastructure, continuous penetration testing, data loss prevention (DLP), and machine learning-based security solutions. A strong background in ticketing workflows, endpoint detection and response (EDR), network packet capture (pcap) analysis, and security tool alert investigations is essential.

Key Responsibilities

• Investigate, validate, and respond to cybersecurity incidents, conducting root cause analysis and recommending improvements.
• Serve as the primary escalation point for the SOC during security incidents.
• Communicate with internal and external teams to coordinate responses and resolutions.
• Develop and refine incident response processes, procedures, and playbooks.
• Participate in breach and attack simulations, as well as purple teaming exercises, to assess and improve response readiness.
• Create executive-level reports, presentations, and post-incident summaries for stakeholders.
• Research emerging threats to enhance the organization's detection and response capabilities.
• Develop security automation workflows, enrichments, and mitigations in collaboration with developers.
• Maintain and improve security detections in SIEM and extended detection and response (XDR) platforms.
• Integrate threat intelligence feeds with security policies and enforcement mechanisms.
• Evaluate security policies and procedures, recommending updates as necessary.
• Preserve evidence integrity in line with industry best practices and standards.
• Provide recommendations to strengthen the overall security posture of the organization.
• Participate in on-call rotations for incident response, including nights and weekends as required.

Qualifications

• Bachelor’s degree or equivalent experience in cybersecurity, information technology, software engineering, or a related field.
• At least four years of experience in an incident response role.
• Certifications Preferred: CCE, CCFE, CEH, CPT, CREA, GCFE, GCFA, GCIH, GCIA, GIAC, Splunk Core, OSCP, or equivalent industry certifications.
• Strong background in digital forensics, malware analysis, penetration testing, or information assurance.
• Proficiency in scripting languages such as Python and PowerShell, with experience in security automation (SOAR) preferred.
• Excellent communication skills, with the ability to present findings to technical and executive audiences.
• Deep understanding of operating systems, computer networking, cloud security, and common cyber threats.
• Familiarity with security frameworks such as NIST SP 800-61, MITRE ATT&CK, SANS Security Controls, and the OWASP Top 10.
• Experience handling advanced threats, including nation-state actors, ransomware gangs, and insider threats.
• Ability to work effectively under pressure, with experience in high-stress environments a plus.

Compensation and Benefits  

The projected compensation range for this position is $97,500 to $140,000 year benchmarked in the Washington, D.C. metropolitan area. The target salary is $136,800.00. 

The salary range provided is a good faith estimate representative of all experience levels. Salary at LCG is determined by various factors, including but not limited to role, location, the combination of education/training, knowledge, skills, competencies, certifications, and work experience.

LCG offers a competitive, comprehensive benefits package which includes health insurance options (medical, dental, vision), life and disability insurance, retirement plan contributions, as well as paid leave, federal holidays, professional development, and lifestyle benefits.

Devoted to Fair and Inclusive Practices   

All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law.

If you are interested in applying for employment with LCG and need special assistance or an accommodation to apply for a posted position, contact our Human Resources department by email at  [email protected] .

Securing Your Data   

Beware of fraudulent job offers using LCG's name. LCG will never request payment-related details or advancement of money during the application process. Legitimate communication will only come from lcginc.com or  [email protected] emails, not free commercial services like Gmail or WhatsApp. If you receive suspicious emails asking for payment or personal information, contact us immediately at  [email protected] .

If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the  U.S. Federal Trade Commission .

This job opportunity is part of an RFP process; candidates are invited to submit their resumes detailing relevant experience.

Job Tags

Similar Jobs