Incident Responder
Listed on 2026-07-01
The Opportunity:
CACI is seeking a skilled and experienced Incident Responder (Level 2) to join our dynamic team to support a DoD client in Suitland, MD. The ideal candidate will have extensive experience in Computer Network Defense (CND), incident triage, incident reporting, and incident response and investigation. This role requires a proactive individual with strong analytical skills, excellent communication abilities, and a deep understanding of IT systems and networks. The Incident Responder will be responsible for managing the full incident lifecycle, from detection and analysis to containment, remediation, and recovery.
Responsibilities:
- Manage the full incident lifecycle, including detection, analysis, containment, remediation, and recovery.
- Triage, report, and respond to security incidents in a timely manner.
- Conduct incident and intrusion trend analysis to identify patterns and potential threats.
- Document incidents clearly and concisely, ensuring all relevant information is captured for future analysis and legal or compliance purposes.
- Prepare and present detailed incident reports and briefings to stakeholders.
- Interpret Security Classification Guides and apply classification markings/interpretations.
- Coordinate spillage cleanup activities to ensure data integrity and security.
- Utilize threat intelligence to enhance incident response efforts.
- Develop and implement "best practices," manuals, and standard operating procedures based on Federal, DoD, IC, and industry standards.
- Collaborate with technical teams to implement remediation measures to prevent recurrence of incidents.
- Coordinate with stakeholders to provide updates and recommendations for improving security practices based on post-incident analysis.
- Utilize incident tracking tools such as ticketing systems and case management platforms.
- Employ cybersecurity tools to investigate instances of alleged employee or external actor wrongdoing.
Qualifications:
Required:
- TS/SCI Security Clearance
- BA/BS in Computer Science, Information Technology, Information Assurance, or a related area of study desired.
- Without a degree, 8+ years of relevant professional experience in those fields is required.
- Must have 5+ years of concentrated experience in CND discipline.
- 3+ years of professional experience in incident triage, incident reporting, incident response and investigation, incident and intrusion trend analysis, interpreting Security Classification Guides and applying classification markings/interpretations, and spillage cleanup coordination.
- Sec + CE Certification
- Effective interpersonal, organizational, time management, writing/documentation, and briefing skills with strong attention to detail.
- Strong analytical, conceptual, and problem-solving skills.
- Proven ability in communicating effectively and developing/presenting presentations.
- Ability to think outside the box by utilizing IT knowledge and cybersecurity tool output to investigate incidents.
- Proven ability in prioritizing, executing, and completing tasks with little to no direction in a high-pressure environment.
- Moderate experience utilizing Federal, DoD, IC, and industry standards in the creation of "best practices," manuals, and standard operating procedures.
- Moderate experience in the development and implementation of Incident Reporting, Response, and Remediation tactics, techniques, and procedures (TTPs).
- Moderate knowledge of policies and processes related to Computer Network Defense (CND) execution.
- Moderate knowledge of incident management lifecycle processes required for the identification, categorization, eradication, response, recovery, and mitigation of cybersecurity incidents and breaches.
- Moderate knowledge of common enterprise services such as domain controller
What You Can Expect:
A culture of integrity.
At CACI, we place character and innovation at the center of everything we do. As a valued team member, you'll be part of a high-performing group dedicated to our customer's missions and driven by a higher purpose – to ensure the safety of our nation.
An environment of trust.
CACI values the unique contributions that every employee brings to our company and our customers - every…