CrawlJobs Logo

Cybersecurity Incident Responder

United States, Fort Bragg Employment contract 90146.00 - 150244.00 USD / Year · Job Posted May 28, 2026
Apply Position
Job Link Share

Job Description

We are currently seeking a Cybersecurity Incident Responder to join our team in Fort Bragg, North Carolina (US-NC), United States (US).

Job Responsibility

  • Detecting, analyzing, containing, eradicating, and recovering from cybersecurity incidents across enterprise, endpoint, network, and cloud environments
  • Conducting investigations and responding to cybersecurity alerts and confirmed incidents across enterprise networks and cloud platforms such as AWS, Microsoft Azure, and Google Cloud
  • Executing containment actions on compromised systems or accounts
  • Supporting eradication and recovery efforts
  • Documenting all response activities through incident closure
  • Analyzing malware infections and responding to indicators of ransomware, trojans, spyware, and unauthorized software
  • Coordinating host containment and remediation actions such as antivirus or EDR scanning, reimaging, and evidence preservation
  • Managing spillage and data-loss events by containing and sanitizing affected systems
  • Coordinating reporting and remediation
  • Supporting insider-threat or data-exfiltration investigations
  • Conducting continuous monitoring by reviewing SIEM alerts, logs, endpoint notifications, and user reports
  • Creating accurate incident tickets, detailed timelines, after-action reports, maintaining evidence and chain-of-custody records
  • Briefing leadership or management as needed

Requirements

  • Minimum 7 years' of professional experience
  • Minimum 4 years' of experience in cybersecurity, help desk, system administration, SOC, or IR
  • Minimum 1 year of experience in Incident Response lifecycle (Preparation, Identification, Containment, Eradication, Recovery, Lessons Learned)
  • Minimum 1 year of experience in Email phishing investigations
  • Minimum 1 year of experience with one or more: Splunk and Elastic for Cloud, Endpoint Detection & Response (EDR) tools, Antivirus platforms, Vulnerability scanners (ACAS), ServiceNow, Remedy or similar ticketing systems
  • DoD 8570/8140 certification: CompTIA Security+ CE
  • Top Secret Security Clearance, SCI eligible

Nice to have

  • Malware basics
  • Networking fundamentals (IP, DNS, ports, protocols)
  • Experience supporting enterprise IT environment
  • Certification in one of: CySA+, CASP+, GIAC (GCIH, GCFA, etc.)

What we offer

  • Medical, dental, and vision insurance with an employer contribution
  • Flexible spending or health savings account
  • Life and AD&D insurance
  • Short and long term disability coverage
  • Paid time off
  • Employee assistance
  • Participation in a 401k program with company match
  • Additional voluntary or legally-required benefits

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Cybersecurity Incident Responder

8 matching positions

Senior Incident Responder (Advanced IR & Forensics)

We are currently seeking a Senior Incident Responder (Advanced IR & Forensics) R...
Location
Location
United States , Plano
Salary
Salary:
106000.00 - 142000.00 USD / Year
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years of experience in incident response, digital forensics, or threat hunting
  • Proven leadership in handling enterprise-scale or breach-level incidents
  • Experience working with legal, compliance, and external response teams
  • Advanced digital forensics and malware analysis
  • Threat hunting and adversary emulation
  • Detection engineering and playbook development
  • Executive communication and decision support
  • GIAC GCFA
  • GIAC GREM
  • GIAC GNFA
Job Responsibility
Job Responsibility
  • Lead response for critical incidents including ransomware and APTs
  • Perform advanced disk, memory, and malware forensics
  • Reconstruct full attack lifecycles and assess business impact
  • Drive threat hunting and proactive detection improvements
  • Develop and enhance IR playbooks, detection rules, and response strategies
  • Lead post-incident reviews and continuous improvement initiatives
What we offer
What we offer
  • Medical, dental, and vision insurance with an employer contribution
  • Flexible spending or health savings account
  • Life and AD&D insurance
  • Short and long term disability coverage
  • Paid time off
  • Employee assistance
  • Participation in a 401k program with company match
  • Additional voluntary or legally-required benefits
  • Fulltime
Read More
Arrow Right

Principal Cybersecurity Incident Analyst

The Principal Analyst Cybersecurity Incident is a key role responsible for manag...
Location
Location
Australia , Melbourne
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Information Technology or Computer Science preferred
  • Relevant certifications such as SANS GIAC Security Essentials (GSEC)
  • At least 5 years of experience in the technology information security industry
  • Hands-on experience in administering & managing SIEM platforms Palo Alto XSIAM, Splunk, Microsoft Sentinel etc.
  • Hands-on experience to Analyse logs/events from SIEM solution, wireshark and other infrastructure
  • Deep knowledge of cybersecurity concepts, technologies, and best practices
  • Experience in working in Security Operation Centre and Network Security operations
  • Hands-on experience in administering & managing Vulnerability Management solutions like Qualys, Tenable etc.
  • Hands-on experience in administering & managing SOAR Palo Alto Cortex XSOAR or other SOAR solutions
  • Expertise in writing new and interpreting query language SPL, KQL, XQL
Job Responsibility
Job Responsibility
  • Act like a SIEM consultant who provides expertise and guidance to organizations in setting up, managing, and improving their SOC capabilities
  • Look over dashboards, and reports from the previous day or shift, including checking for any new threats and identifying malware
  • Prepare for and respond to system breaches or attacks
  • Respond to hacks or network insecurities and working to prevent new ones
  • Participate in a shift roster which may comprise of shifts business hours and after hours
  • Assessing SIEM maturity: Evaluating the existing SIEM setup and capabilities of an organization
  • Developing or refining the SIEM infrastructure, the architecture, tools, processes, and workflows of a SOC
  • Implementing security technologies when necessary: Assessing, selecting, and implementing various security technologies such as SIEM, SOAR systems, intrusion detection systems, threat intelligence platforms, and incident response tools
  • Support the Security Management Lifecycle including: monitoring, investigation, research, correlation, trend analysis, remediation and siem configuration
  • Developing security policies and procedures: Assisting in developing, documenting, maintaining SOC standard operating procedures (SOPs), incident response plans, playbooks, and other security policies
  • Fulltime
Read More
Arrow Right

Cybersecurity Incident Response Team Lead

The Cybersecurity Incident Response Team Lead is a leadership role responsible f...
Location
Location
United States Of America , NEW YORK
Salary
Salary:
150000.00 - 185000.00 USD / Year
credit-agricole.com Logo
Crédit Agricole
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Cybersecurity, Information Technology, Business Administration, or a related field
  • Minimum 10+ years of experience in information security or related field
  • Ability to analyze, prioritize, and manage security incidents effectively
  • Ability to align cyber risk initiatives with business objectives
  • Strong ensure thorough documentation and clear communications over security operations activities
  • Proven track record of building and leading high performing teams
  • Expertise in navigating banking regulations
  • Strong knowledge with information security technologies such as SIEM, SOAR, EDR, NDR, etc.
  • Strong knowledge with leading security investigations
  • Deep understanding of frameworks such as NIST Cybersecurity Framework
Job Responsibility
Job Responsibility
  • Develop and execute a comprehensive security operations strategy aligned with the bank's risk appetite and business objectives
  • Provide thought leadership on emerging cyber risks and recommend proactive measures to mitigate them
  • Serve as a trusted advisor to executive leadership, management committees, and the board on cyber risk issues
  • Define, maintain, and report operational metrics to evaluate Security Operations program performance, effectiveness, and adherence with organizational and regulatory requirements
  • Direct and manage Americas Cyber Security Incident Response Team (CSIRT) to ensure timely monitoring, detection, and response to threats
  • Lead the development and execution of the bank’s incident response plan and associated playbooks
  • Coordinate responses to security incidents, ensuring minimal impact and quick recovery
  • Establish and maintain a threat intelligence program to proactively identify and respond to emerging threats
  • Evaluate, implement, and optimize security processes and technologies to enhance detection and response capabilities
  • Collaborate with IT and engineering teams to integrate security into systems and processes
  • Fulltime
Read More
Arrow Right

Sr. Cybersecurity Incident Response Analyst

Blue Yonder, a leading supply chain software company, is seeking a Sr Cybersecur...
Location
Location
Mexico , Monterrey; Mexico City
Salary
Salary:
Not provided
blueyonder.com Logo
Blue Yonder
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Information Security, or related equivalent experience
  • 5+ years of experience in information security or cybersecurity as an analyst, engineer or consultant
  • MUST have experience with incident response methodologies and tools (e.g. SANS IR, EDR, SIEM, Threat Intelligence, etc.)
  • Strong technical skills and attention to detail
  • Excellent verbal and written communication skills
  • Ability to work independently and as part of a team
  • Ability to work under pressure and in a fast-paced environment
  • Strong problem-solving skills and a proactive approach to work
  • Knowledge of security frameworks such as NIST and ISO 27001
  • Familiarity with security regulations and standards (e.g. PCI DSS, HIPAA, etc.)
Job Responsibility
Job Responsibility
  • Monitor and Analyze Security Alerts – Review alerts generated by security systems, appliances, and logs to determine the appropriate course of action to protect the enterprise and reduce overall risk
  • Incident Triage and Response – Quickly assess, prioritize, and respond to security incidents, ensuring timely containment, eradication, and recovery to minimize business impact
  • Root Cause Analysis (RCA) – Investigate security incidents to determine root causes, attack vectors, and vulnerabilities, providing recommendations to reduce the attack surface and prevent recurrence
  • Threat Hunting and Proactive Defense – Conduct proactive threat-hunting activities based on intelligence, anomalies, and adversary tactics to identify and mitigate threats before they escalate
  • Collaboration with Cross-Functional Teams – Work closely with IT, engineering, legal, compliance, and other teams to coordinate incident response efforts and ensure an effective security posture
  • Incident Documentation and Reporting – Maintain detailed documentation of security incidents, response actions, and lessons learned, ensuring continuous improvement in security processes
  • Develop and Improve Incident Response Playbooks – Enhance and maintain incident response procedures, ensuring alignment with industry best practices and emerging threats
  • Security Awareness and Training – Provide guidance, training, and mentorship to SOC analysts and IT staff on security threats, incident handling, and response best practices
  • Threat Intelligence Integration – Leverage threat intelligence sources to stay informed on evolving cyber threats and proactively adjust security strategies to defend against them
  • Fulltime
Read More
Arrow Right

Expert Incident Response Cybersecurity Analyst

Expert Incident Response Cybersecurity Analyst. This role has been designed as ‘...
Location
Location
Ireland , Galway
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field or equivalent experience desired
  • 6+ years of experience in cybersecurity, with a focus on incident response and threat analysis desired
  • Proven experience in security tools and technologies, including SIEM, EDR, and Incident ticketing technology
  • Strong knowledge & understanding of common attack vectors and threat actor tactics, techniques, and procedures
  • Expertise in Security Information and Event Management (SIEM) tools and related security platforms
  • Demonstrates exceptional proficiency in performing log analysis across common environments (Windows, Linux, AWS, Azure, GCP)
  • In-depth knowledge of common security threats, vulnerabilities, and attack methodologies – including advanced persistent threats (APTs) and zero-day exploits
  • Extensive experience with performing in-depth incident investigation, documenting findings, and developing actionable remediation plans
  • Strong communication skills
  • Ability to work independently and on high-impact projects in fast-paced environments
Job Responsibility
Job Responsibility
  • Monitor and analyze network traffic, logs, and alerts to identify and respond to security incidents
  • Conduct in-depth investigations of security incidents, including root cause analysis and impact assessment
  • Develop and maintain security tools and processes to improve the efficiency and effectiveness of the Cyber Defense Center
  • Collaborate with other teams, including IT, Legal, and Communications, to ensure a coordinated response to security incidents
  • Provide expert advice and guidance to other teams on cyber security best practices and risk management
  • Combines deep industry expertise with a thorough understanding of information and security technology to effectively analyze associated logs and respond to high severity incidents
  • Contributes to the company's security response methods, suggesting automation opportunities which can enhance IR
  • Mentor and provide technical guidance to less experienced cybersecurity professionals
  • Stay at the forefront of cybersecurity trends, threats, and technologies, driving innovation within the organization's threat detection and response capabilities
  • Foster a culture of continuous improvement and innovation, encouraging the adoption of new technologies and methodologies within the team
What we offer
What we offer
  • Health & Wellbeing benefits
  • Personal & Professional Development programs
  • Unconditional Inclusion environment
  • Fulltime
Read More
Arrow Right

Cyber Security Engineer

Our Utah-based client is looking for a skilled Cyber Security Engineer to join o...
Location
Location
United States , Salt Lake City
Salary
Salary:
Not provided
https://www.roberthalf.com Logo
Robert Half
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum of 5-7 years of experience in cybersecurity roles
  • Strong expertise in firewall technologies, including Checkpoint and Cisco ASA
  • Proficiency in configuration management and security tool deployment
  • Deep understanding of Azure cybersecurity principles and practices
  • Experience conducting security audits and implementing corrective measures
  • Ability to analyze and respond to security incidents effectively
  • Familiarity with industry standards and regulatory compliance requirements
  • Excellent communication skills and ability to work collaboratively
Job Responsibility
Job Responsibility
  • Microsoft Security Stack Mastery
  • Azure, Azure Security & Cloud Security Architecture
  • Identity & Access Management (IAM)
  • Experience or Knowledge on protecting copilot and other AI tools
  • Compliance, Audit & Governance
  • Evaluate Network Security Engineering
  • Security Governance & Risk Communication
  • Endpoint Security & Hardening
What we offer
What we offer
  • medical, vision, dental, and life and disability insurance
  • 401(k) plan
Read More
Arrow Right

Service Engineer

As a Service Engineer on the M365 AGC team, you will play a critical role in ens...
Location
Location
United States , Reston
Salary
Salary:
100600.00 - 199000.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's Degree in Computer Science, Information Technology, Mechanical Engineering, Electrical Engineering, Aerospace Engineering, Data Science, Cybersecurity, or related field AND 2+ years technical experience in software engineering, network engineering, service engineering, systems engineering, or industrial controls OR equivalent experience
  • Hands-on experience supporting complex IT environments, with a strong understanding of system and service management challenges
  • Experience operating in large distributed or air-gapped environments, with a focus on reliability, security, and compliance
  • Ability to build consensus and influence across teams to achieve common goals
  • Recent experience with Azure or equivalent hyperscale cloud technologies
  • U.S. citizenship verification is required due to legal and customer requirements for this role
  • Ability to meet Microsoft, customer, and/or government security screening requirements, including an active Top-Secret clearance with CI or FSP (if CI, willingness to upgrade to FSP) and successful completion of the Microsoft Cloud background check upon hire/transfer and every two years thereafter
Job Responsibility
Job Responsibility
  • Operate and support Microsoft 365 services in air-gapped and sovereign cloud environments, ensuring high availability and compliance with strict security standards
  • Responds to incidents during regular on-call rotations by identifying the level of impact, troubleshooting incidents, and deploying appropriate fixes to resolve root cause(s). Shares details related to incidents and their resolution through postmortem reports
  • Monitors and acts on telemetry data. Performs analyses to identify patterns that reveal errors that are affecting the system's availability, reliability and performance with minimal guidance. Develops scripting and/or automation used in monitoring based on observations and experience
  • Implements reliable, scalable, and high-performance solutions across teams. Owns implementation and rollback plans. Quantifies and ensures the health and compliance of a service with minimal guidance
  • Partner with engineering, program management, and security teams to deliver new features and maintain service parity with public cloud offerings
  • Engage with internal and external stakeholders to communicate service status, risks, and mitigation plans
  • Continuously assess and improve operational posture, adopting best practices for service engineering in regulated environments
  • Fulltime
Read More
Arrow Right

Cybersecurity Specialist

Barbaricum is seeking several Cybersecurity Specialist (All Levels) to support c...
Location
Location
United States , Aberdeen
Salary
Salary:
Not provided
barbaricum.com Logo
Barbaricum
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Active DoD Top Secret / SCI clearance required
  • Bachelor's degree in Cybersecurity, Information Technology, or related field
  • Relevant experience based on level
  • Knowledge of DoD cybersecurity frameworks (NIST, RMF)
  • DoD 8570/8140 certification (e.g., Security+, CISSP)
Job Responsibility
Job Responsibility
  • Support implementation of cybersecurity policies and controls
  • Conduct risk assessments and vulnerability analysis
  • Support RMF processes and system authorization activities
  • Monitor system security posture and respond to incidents
  • Maintain security documentation and compliance artifacts
  • Fulltime
Read More
Arrow Right