
Cybersecurity Incident Response Engineer - Secret
Dunhill Professional Search, Fairfax, VA, United States
Clearance:
Active Secret Clearance required
Travel:
Up to 10%
Qualifications, skills, and all relevant experience needed for this role can be found in the full description below.
We are seeking a Junior Cybersecurity Incident Response Engineer to support a mission-critical federal environment. This role is responsible for monitoring enterprise security tools, identifying potential threats, and supporting incident response efforts.
The ideal candidate will have foundational cybersecurity knowledge, strong analytical skills, and the ability to operate in a fast-paced Security Operations Center (SOC).
Key Responsibilities
Monitor SIEM and security tools to detect, analyze, and correlate potential cybersecurity threats
Perform Tier 1 alert triage, including validating alerts, assessing severity, and escalating as needed
Differentiate false positives from legitimate security incidents
Support incident response activities, including evidence collection and containment efforts
Document investigations thoroughly for audit and reporting purposes
Follow SOC playbooks, procedures, and escalation protocols
Assist in tuning detection rules and improving alert accuracy
Collaborate with IT, operations, and risk teams to align with security policies and mission needs
Maintain awareness of security technologies such as firewalls, IDS/IPS, endpoint protection, and vulnerability scanners
Required Qualifications
Bachelor’s degree in Cybersecurity, IT, Computer Science, or related field (or equivalent experience)
0–3 years of experience in cybersecurity, IT operations, or related field
Basic understanding of cybersecurity principles and threat detection
Experience or familiarity with SIEM and other security tools
Active Secret Clearance (required)
Strong problem-solving, communication, and analytical skills
Preferred Qualifications
Experience in a SOC or 24/7 monitoring environment
Relevant Certification (Security+, CySA+, etc.)
Familiarity with incident response playbooks and procedures
Exposure to federal cybersecurity frameworks or compliance standards