Cyber Incident Management Analyst - Hybrid

Nightwing provides advanced cyber, data operations, systems integration, and intelligence support services to U.S. Government customers. The company offers cyber space operations, cyber defense, vulnerability research, surveillance, data intelligence, mission enablement, and software modernization.

The role supports a U.S. Government customer in onsite incident response to civilian agencies and critical asset owners experiencing cyber attacks. Contract personnel investigate breaches, develop mitigation plans, and assist with service restoration. Nightwing seeks a Cyber Incident Manager for this mission.

• Correlate incident data to identify trends.
• Recommend defense in depth principles and practices.
• Perform Computer Network Defense incident triage.
• Research and compile resolution steps or workarounds.
• Apply cybersecurity concepts to detect and defend intrusions into IT networks; conduct basic log analysis.
• Monitor external data sources to maintain current threat conditions.
• Identify incident causes and determine key elements for external inquiries.
• Analyze network alerts to determine possible causes.
• Track and document CND incidents from detection to resolution, coordinating with other components.
• Shift work may be required; triage and research incidents for IOCs, escalating as needed.

• U.S. citizenship.
• Active TS/SCI clearance.
• Eligibility for DHS suitability.
• 5+ years of cyber incident management or cybersecurity operations.
• Sound knowledge of incident response methodologies.
• Familiarity with NIST 800-62 and FISMA reporting.
• Ability to prioritize incidents, investigate phishing tactics, and identify reporting gaps.
• Knowledge of attack stages, vulnerability categorization, and associated attacks.
• Basic system administration, OS hardening, CND policies and procedures.
• Understanding of threat environments (script kiddies, non‑nation state, nation‑state).
• Knowledge of service/application security threats (buffer overflow, mobile code, XSS, injections, race conditions, covert channels, replay, return‑oriented programming, malicious code).

• Deeper knowledge of threat environments and attack methods listed above.

• B.S. in Incident Management, Operations Management, Cybersecurity or related field, or high school diploma with 7‑9 years incident or cyber experience.

• GCIH, GCFA, GISP, GCED, CCFP, or CISSP.

Arlington, VA

Nightwing is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.