"Alerted.org

Description

Tyto Athene is searching for an **Incident Response Lead** to support threat monitoring, detection, event analysis, and incident reporting. The Security Operations Center is a 24/7 environment. You will be responsible for monitoring enterprise networks and systems, detecting events, and reporting on threats that are directed against those systems. You will be expected to collaborate with Senior Analysts to assist with efficient triage and remediation of events in the incident queue. Utilizing SIEM technologies, you will provide the client with a fully comprehensive array of analytical activities in support of external threat monitoring, detection, event analysis, and incident reporting efforts to include analysis of inbound and outbound internet traffic, suspicious e-mail messages, and cloud security logs. You will also be responsible for the generation of client reports both scheduled and ad hoc.

Responsibilities:

+ Provide support for complex computer network exploitation and defense techniques

+ Deter, identify, and investigate endpoint and network intrusions, to include digital endpoint forensics

+ Provide incident investigation, containment, and remediation support

+ Perform comprehensive computer surveillance/monitoring

+ Provide technical support for continuous monitoring, computer exploitation, and reconnaissance

+ Research and maintain proficiency in open and closed source computer exploitation TTP’s

+ Perform research into emerging threat sources

Qualifications

Required:

+ A minimum of 8 years of general work experience and 4 years of relevant experience in functional responsibility

+ Bachelor’s Degree, or an equivalent combination of formal education and experience

+ Experience with:

+ SIEM (Splunk preferred)

+ Email/Phishing

+ Major Cloud Providers (AWS, Azure, GPC)

+ AV/EDR

+ Networking Equipment

+ Endpoint Logging (Windows, Linux)

+ Packet capture analysis

+ Forensics software (Encase, FTK)

+ Must have strong analytical and organizational skills

+ Must have concise writing skills

Desired:

+ Experience working a SOC and doing incident response is highly preferred

Location:

+ This position is onsite in Washington, DC

Clearance:

+ US Citizenship required with eligibility for Public Trust

About Tyto Athene

Compensation:

+ Compensation is unique to each candidate and relative to the skills and experience they bring to the position. The salary range for this position is typically between $165,000-$175,000. This does not guarantee a specific salary as compensation is based upon multiple factors such as education, experience, certifications, and other requirements, and may fall outside of the above-stated range.

Benefits:

+ Highlights of our benefits include Health/Dental/Vision, 401(k) match, Paid Time Off, STD/LTD/Life Insurance, Referral Bonuses, professional development reimbursement, and parental leave.

Tyto Athene is a trusted leader in IT services and solutions, delivering mission-focused digital transformation that drives measurable success. Our expertise spans four core technology domains—Network Modernization, Hybrid Cloud, Cybersecurity, and Enterprise IT—empowering our clients with cutting-edge solutions tailored to their evolving needs. With over 50 years of experience, Tyto Athene proudly support Defense, Intelligence, Space, National Security, Civilian, Health, and Public Safety clients across the United States and worldwide.

At Tyto Athene, we believe that success starts with our people. We foster a collaborative, innovative, and mission-driven environment where every team member plays a critical role in shaping the future of technology. Are you ready to join #TeamTyto?

Tyto Athene, LLC is an Equal Opportunity Employer; all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, [sexual orientation, gender identity,] national origin, disability, status as a protected veteran, or any characteristic protected by applicable law.

Submit a Referral (https://careers-gotyto.icims.com/jobs/1549/incident-response-lead/job?mode=apply&apply=yes&in\_iframe=1&hashed=-1834326889)

**Location** _US-DC-Washington_

**ID** _2025-1549_

**Category** _Cybersecurity_

**Position Type** _Full-Time_