Req ID: RQ179763

Type of Requisition: Regular

Clearance Level Must Be Able to Obtain: None

Job Family: Cyber Security

Skills:

Cyber Defense,Cybersecurity,Cyber Threat Intelligence

Experience:

5 + years of related experience

US Citizenship Required:

Yes

Job Description:

GDIT has an opportunity for a dynamic and collaborative Lead Incident Responder to join our team. The Lead Incident Responder will be a member of our team supporting the Administrative Office of the U.S. Courts (AOUSC), Information Technology Security Office (ITSO). As a team member, the Lead Incident Responder will work collaboratively with federal and contractor staff to ensure the SOC effectively meets or exceeds the security operations requirements of each shift in a timely and comprehensive manner.

The Lead Incident Responder provides advanced technical support to forensics and incident response teams during the initial response to any cyber threats against the AOUSC’s enterprise. The Lead Incident Responder will work as part of a team that participates in any investigations into potential and actual cyber events observed in the enterprise and serve in a leadership capacity (both executing and providing guidance for) to conduct analysis and evaluate findings to enhance the security posture of the enterprise. The Lead Incident Responder will assist in providing guidance to junior analysts in a technical and developmental capacity.

The ideal candidate will possess a deep understanding of cybersecurity threats, incident response procedures, and forensic analysis. This role is critical in leading the response to security incidents, coordinating with various teams, and improving our overall security posture.

HOW AN SOC LEAD INCIDENT RESPONDER WILL MAKE AN IMPACT:

• Incident Response Leadership:

• Lead the incident response team in identifying, analyzing, and responding to security incidents.

• Develop and maintain incident response playbooks and procedures.

• Ensure effective communication and coordination during incident handling.

• Threat Detection and Analysis:

• Monitor and analyze security alerts from various sources, including SIEM, IDS/IPS, and endpoint protection systems.

• Conduct in-depth forensic analysis to determine the root cause and impact of security incidents.

• Perform malware analysis and reverse engineering to understand attack mechanisms.

• Incident Management:

• Coordinate incident response efforts across different teams and stakeholders.

• Document and report incidents, including the steps taken to mitigate and resolve them.

• Conduct post-incident reviews and lessons-learned sessions to improve response strategies.

• Security Enhancements:

• Identify gaps in existing security controls and recommend improvements.

• Stay current with the latest threat intelligence and incorporate it into incident response practices.

• Develop and deliver training programs to enhance the skills of the incident response team.

• Collaboration and Communication:

• Work closely with other SOC team members, IT, and business units to ensure comprehensive incident response.

• Communicate effectively with executive management, providing updates on incident status and impact.

• Establish and maintain relationships with external partners and law enforcement as needed.

WHAT YOU’LL NEED TO SUCCEED:

• Bachelor’s degree in Cybersecurity, Information Technology, or a related field. Advanced degree preferred.

• Minimum of 5 years of experience in cybersecurity, with at least 2 years in a lead incident response role.

• Proven experience in handling complex security incidents and conducting forensic investigations :

• Strong knowledge of cybersecurity principles, threat landscapes, and attack vectors.

• Proficiency with security technologies such as SIEM, IDS/IPS, EDR, and forensic tools.

• Experience with scripting and automation to streamline incident response processes.

• Familiarity with regulatory requirements and industry standards

• Relevant certifications include CISSP, CISM, GCFA, GCIH, or equivalent.

• Excellent leadership, communication, and interpersonal skills.

• Strong analytical and problem-solving abilities.

• Ability to work under pressure and manage multiple priorities.

GDIT IS YOUR PLACE:

• 401K with company match

• Comprehensive health and wellness packages

• Internal mobility team dedicated to helping you own your career

• Professional growth opportunities including paid education and certifications Cutting-edge technology you can learn from

• Rest and recharge with paid vacation and holidays

The likely salary range for this position is $134,597 - $204,360. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.

Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.

We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 30 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.

We connect people with the most impactful client missions, creating an unparalleled work experience that allows them to see their impact every day. We create opportunities for our people to lead and learn simultaneously. From securing our nation’s most sensitive systems, to enabling digital transformation and cloud adoption, our people are the ones who make change real.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.