Cyber Defense Cloud Incident Responder Security Clearance

Position: Cyber Defense Cloud Incident Responder with Security Clearance
Location: Hanover

ASRC Federal is a leading government contractor furthering missions in space, public health and defense. As an Alaska Native owned corporation, our work helps secure an enduring future for our shareholders. Join our team and discover why we are a top veteran employer and Certified Great Place to Work™ ASRC Federal is seeking a Cyber Defense Incident Response with cloud experience to support a mission-critical DCSA cybersecurity program.

This role is responsible for detecting, analyzing, and responding to security incidents affecting cloud-hosted and hybrid environments supporting national security systems. Remote flexibility available! Telework offered with a requirement to be onsite up to one (1) day a week at Hanover, MD. Position

Description:

As the Cyber Defense Cloud Incident Responder, your primary duty is to safeguard our national security systems by monitoring AWS, Azure, and Google Cloud environments for malicious activity using advanced SIEM and SOAR platforms. You will lead the entire incident response lifecycle-from detection and containment to eradication and recovery-performing root cause analysis and coordinating with the SOC, engineering, and government stakeholders.

A key part of your role involves leveraging threat intelligence to identify emerging cloud-based threats, mapping adversary tactics to the MITRE ATT&CK framework, and recommending defensive improvements. Additionally, you will be responsible for identifying cloud misconfigurations, supporting vulnerability remediation, and ensuring all activities align with critical compliance standards like NIST 800-53 and RMF through diligent documentation and audit support.

Minimum Requirements:

* Two (2) to Four (4) years' hands-on cybersecurity experience in one or more of the following:
* Incident Response or Threat Hunting within a mid-to-large enterprise
* SOC operations supporting cloud or hybrid environments
* Enterprise vulnerability management or endpoint/cloud security operations
* Active Top Secret (TS) Clearance REQUIRED, eligible to be upgraded to TS/SCI
* DoD 8570 Information Assurance (IA) Program / DoD 8140 Cyber Workforce Qualification Program (CWQP):
Must meet DoD 8570.01-M / IAT Level II or IAM Level II requirements at a minimum. At least one active qualifying certification required, including but not limited to:
* CompTIA Security+ CE, CompTIA CySA+, CompTIA SecX CE, SSCP, GCIH, GCED, GCIA, GSEC, CEH, Pentest+, Cloud+, GICSP, CISSP (or Associate)
* Bachelor's Degree, in Cybersecurity, and/or Information Systems Management or equivalent combination of education, experience and military service

Key Responsibilities:

* Cloud Security Operations & Monitoring
* Monitor AWS, Azure, and/or Google Cloud environments for malicious or anomalous activity using SIEM, SOAR, and cloud-native security tooling.
* Analyze logs, telemetry, alerts, and cloud audit data to identify indicators of compromise (IOCs) and attack patterns.
* Tune detection logic and alerting to reduce false positives and improve response fidelity.
* Incident Response
* Lead and support incident response activities across the full lifecycle: identification, containment, eradication, recovery, and lessons learned.
* Perform root cause analysis and impact assessments for cloud-related security incidents.
* Coordinate response actions with SOC analysts, engineering teams, system owners, and government stakeholders.
* Document incidents, response actions, and remediation recommendations in accordance with government reporting requirements.
* Threat Intelligence & Analysis
* Leverage threat intelligence sources to identify emerging threats targeting cloud platforms and federal environments.
* Map adversary activity to MITRE ATT&CK and cloud-specific threat models.
* Recommend defensive improvements based on observed tactics, techniques, and procedures (TTPs).
* Vulnerability & Risk Management
* Identify cloud misconfigurations, exposed services, and security gaps.
* Support vulnerability assessments and remediation prioritization for cloud-hosted systems.
* Advise on security controls aligned to NIST and DoD requirements.
* Compliance & Audit Support
*…