Cyber Team Six Senior Information Security Professional, Security Incident Response

Location: Arlington, Virginia

Job Description

The CyberSponse “Cyber Team Six” provides world-class Incident Response capabilities to our customers. We are looking for motivated, highly technical, and self-driven Incident Response professionals to support the full gamut of detection, analysis, planning, containment, remediation, and response activities. The Senior Incident Response Analyst team member will support the development of this highly visible program.

Duties and Responsibilities

  • Use finished reporting related to malware or known actor TTPs to develop signatures and/or instrument detection capabilities
  • Work with other CT6 and Government teams to leverage extracted IOCs to enhance security posture of the organization
  • Hunt for and identify threat actors tools, tactics and behaviors occurring on the network
  • Provide forensic analysis outputs from a variety of sources including packet captures, filesystems, host-based applications and security logs, networking and other parts of customer security architecture
  • Own processes and procedures to execute operational activities related to Disk Forensics and Incident Response functions
  • Mentor Jr analysts
  • Lead and prioritize incident response efforts across the enterprise, and develop containment and remediation plans

Preferred Certifications

  • GCIH, GCIA, EnCe, GCFE, CEH, Security+

Additional Requirements

  • US Citizen (REQUIRED)
  • Ability to pass a Background Check – AND – Drug Test (REQUIRED)
  • Ability to obtain Secret/TS clearance at the request of the Gov.

Requirements & Qualifications


  • Bachelor’s degree in Computer Science or Information systems – OR –
  • Minimum ten (10) years of relevant professional experience


  • Experience with forensic analysis (EnCase or FTK)
  • Knowledge of Microsoft Windows, including registry, logs, and common forensic artifacts
  • Knowledge of TCP/IP and networking fundamentals, network architecture, and security infrastructure’s best practices
  • Ability to document technical analyses and generate reports
  • Experience with performing intrusion investigations and hunting advanced threats
  • Experience with determining the indicators of compromises based on technical analyses
  • Experience with scripting languages
  • Experience with Microsoft Windows memory analysis
  • Experience with UNIX
  • Possession of excellent analytical skills
  • Possession of excellent oral and written communication skill

Message from the CEO

“CyberSponse is a company built on trust, loyalty and honor. The management team truly cares about each team member of the Company and are very protective and selective of extending offers to new hires. We are all driven to maintain a culture that enables you to perform your best work, grow your professional and personal skills allowing you to fulfill your goals and career objectives. We are also confident you will also make some good friends along the way too. You will see that we care for and protect our team members, their families, their financial security, and determined to help each of our team improve their way of life. We believe that without loyalty a team or individual cannot be successful. We look forward to continuing our process to see if this is a good fit for both parties.” – Larry Johnson


If you are interested in this opportunity and would like to learn more, please contact CyberSponse Human Resources, with a current resume and cover letter at

About CyberSponse

CyberSponse provides an enterprise-grade secure platform using innovative technology to increase response efficiency with cyber security tools, as well as management of response team’s daily activities. CyberSponse’s Automation platform incorporates a proprietary embedded collaboration technology designed to create, test and manage efficient response automated plans. The CyberSponse platform is the only solution of its kind in the market, operating with enterprise customers and on a very fast growth trajectory. Our vision is to make the solution easy to use and by integrating legacy technology systems together through our robust API connectivity ensures it is not just another cyber security but the central nervous system of the entire network.