Incident Response Associate Principal

The most security‑conscious organizations trust Telos Corporation to protect their vital IT assets. The reputation of our company rests on the quality of our solutions and the integrity of our people. Explore what you can bring to our solutions in the areas of cyber, cloud and enterprise security.

Telos offers an excellent compensation package with benefits that include generous paid time off, medical, dental, vision, tuition reimbursement, and 401k.

This position will be on‑site based at a customer site in Tysons Corner, VA with ad‑hoc support required at other Virginia customer locations.

• Work with the customer to establish a mature insider threat monitoring capability across multiple Windows, Linux, and container environments.
• Execute a dual mandate over a designated time period to develop detection logic in the customer's SIEM solution and support the migration of logic, queries, and visualizations into a new SIEM solution.
• Work with the customer to improve incident response efficiencies.
• Support the Tier 1 Security Operations Team with investigations and responses.
• Improve the customer’s ability for early detection and mitigation of risks.

• This position requires an active TS/SCI clearance with polygraph required.
• Bachelor’s degree in computer science, engineering, information assurance, or a related discipline and 10+ years of related experience (additional experience may be substituted for a degree).
• Must have experience and expertise with SIEM solutions such as Splunk, Kibana, etc.
• Must have experience with log telemetry structure and log logic in Windows, Linux, and containerized environments.
• Experience with migrating schema mappings from one SIEM solution to another.
• Ability to demonstrate query language proficiencies.
• Must have experience with cloud service providers e.g., Google, AWS, Azure, etc.
• Have experience with the deployment and configuration of data collections from various system components that include operating systems, networking devices, and containerization platforms.
• Experience creating dashboards, analytics, and alerts within SIEM tools.
• Experience working with monitoring systems supporting auditing, incident response, and system health.
• Experience with the OSINT framework and related tools.

All candidates must be U.S. citizens and meet eligibility requirements to access sensitive information.

Telos maintains a drug‑free workplace and will conduct drug testing on all applicants who have accepted an offer of employment.

Telos Corporation participates in the E‑Verify program. Employment with Telos is contingent upon confirmation of authorized work in the United States by the Social Security Administration (SSA) and/or the Department of Homeland Security (DHS).

Telos Corporation and its subsidiaries are committed to equal opportunity for all, without regard to race, religion, color, national origin, citizenship, sex, sexual orientation, gender identity, age, veteran status, disability, genetic information, or any other protected characteristic. Telos Corporation will make reasonable accommodations for known physical or mental limitations of otherwise qualified employees and applicants with disabilities unless the accommodation would impose an undue hardship on the operation of our business.

If you are interested in applying for an employment opportunity and feel you need a reasonable accommodation pursuant to the ADA, please contact us at 1‑800‑283‑1911. If you require relay service assistance, please review information on your state’s relay service at (Use the "Apply for this Job" box below)..html

Telos Corporation is an EEO/AA employer.