CBO - Tier 3 Incident Responder in Washington, District of Columbia at cFocus Software Incorporated
Employment Type: Full-Time
cFocus Software Incorporated
Washington, District of Columbia, 20001, United States
Job Description
cFocus Software seeks a Tier 3 Incident Responder to join our program supporting the Congressional Budget Office (CBO). This position is remote. This position requires a Public Trust clearance.
Qualifications:
- Active Public Trust clearance
- B.S. Computer Science, Information Technology, or a related field
- 5–8+ years of experience in cybersecurity incident response or digital forensics
- Hands-on experience with Microsoft Sentinel, Defender XDR, and SIEM tools
- Strong knowledge of incident handling frameworks (NIST SP 800-61)
- Experience with forensic tools (e.g., EnCase, FTK, Volatility, Velociraptor)
- Proficiency in log analysis, threat detection, and correlation across multiple data sources
- Experience with cloud environments (AWS, Azure) and enterprise networks
- Strong understanding of MITRE ATT&CK framework
- Preferred certifications include but are not limited to:
  - GCIA, GCIH, CISSP, CEH, or equivalent cybersecurity certifications
  - Microsoft Sentinel or Microsoft security platform certifications
  - Relevant cloud security certifications (e.g., AWS security)
  - Privacy certifications (e.g., CIPP/US, CIPM) where applicable
Duties:
- Lead complex incident investigations across enterprise environments (cloud, endpoint, network, identity)
- Perform full lifecycle incident response: detection, triage, containment, eradication, and recovery
- Conduct digital forensics, including evidence acquisition, preservation, and analysis
- Perform malware analysis (static and dynamic techniques)
- Provide root cause analysis (RCA) and post-incident reporting with remediation recommendations
- Support ransomware response and provide advisory guidance consistent with federal policy
- Execute advanced threat hunting across SIEM (Microsoft Sentinel) and XDR platforms
- Coordinate with SOC analysts (Tier 1 & 2), engineers, and stakeholders during incidents
- Develop and improve incident response playbooks and procedures
- Ensure chain-of-custody and evidence integrity for all forensic investigations
- Support compliance with NIST SP 800-61 and federal incident handling requirements