Computer Network Defense Incident Manager III

Argo Cyber Systems

$100K — $130K *
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • U.S. Citizenship required
  • Active TS/SCI clearance required
  • Bachelor's Degree in Cybersecurity or related field
  • 5+ years in cyber incident management or SOC/DFIR operations
  • Deep understanding of incident response methodologies and containment strategies
  • Working knowledge of NIST SP 800-61 Rev.2 and FISMA standards
  • Excellent communication and leadership skills under pressure

Responsibilities

  • Lead incident response and cyber defense operations for timely containment and recovery
  • Analyze incident data to identify trends and systemic vulnerabilities
  • Conduct CND triage to assess the impact of security events
  • Recommend Defense-in-Depth strategies and resilience improvements
  • Document resolutions to enhance future defenses
  • Apply cybersecurity concepts to detect and respond to intrusions
  • Monitor external threat data sources for situational awareness

Benefits

  • Medical, dental, and vision insurance
  • Life insurance
  • 401K retirement plan
  • Industry competitive employee benefits

Full Job Description

Computer Network Defense Incident Manager III

Location: Arlington, VA (On-Site)

Citizenship: US only

Clearance: Active TS/SCI (DHS EOD Suitability required)

Company: Argo Cyber Systems, LLC - Service-Disabled Veteran-Owned Small Business (SDVOSB)

Argo Cyber Systems is seeking an experienced Cyber Incident Manager - Computer Network Defense to lead and coordinate incident response operations for a high-profile U.S. Government customer. The Incident Manager will oversee the triage, analysis, and resolution of cybersecurity events across federal civilian networks and critical assets. This role requires a mix of technical depth, investigative skill, and the ability to synthesize complex data into actionable recommendations for both technical and executive audiences.

Role and Responsibilities
  • Lead and manage incident response and cyber defense operations, ensuring timely containment, eradication, and recovery.
  • Correlate and analyze incident data to identify trends, adversary tactics, and systemic vulnerabilities.
  • Conduct Computer Network Defense (CND) triage, assessing scope, urgency, and operational impact of security events.
  • Develop and recommend Defense-in-Depth strategies, layered defense architectures, and resilience improvements.
  • Research and document resolutions and mitigations to support enterprise recovery and strengthen future defenses.
  • Apply cybersecurity and threat intelligence concepts to detect, analyze, and respond to intrusions in both small and large-scale network environments.
  • Monitor and assess external threat data sources to maintain situational awareness and anticipate potential impacts to the enterprise.
  • Lead the investigation of incident root causes, infection vectors, and attacker methodologies.
  • Receive, analyze, and validate security alerts from enterprise monitoring tools, escalating as appropriate.
  • Track and document all incident response activities from detection through closure, ensuring comprehensive reporting and lessons learned.
  • Support continuous improvement by refining processes, updating playbooks, and mentoring junior analysts.


Qualifications, Education and Skills Requirements
  • U.S. Citizenship (required)
  • Active TS/SCI clearance (required)
  • Bachelor's Degree in Cybersecurity, Computer Science, Information Systems, or related discipline
  • Ability to obtain DHS Entry on Duty (EOD) Suitability
  • 5+ years of hands-on experience in cyber incident management or SOC/DFIR operations
  • Deep understanding of incident response methodologies, containment strategies, and recovery workflows
  • Working knowledge of NIST SP 800-61 Rev.2 (Computer Security Incident Handling Guide) and FISMA incident reporting standards
  • Strong ability to analyze, prioritize, and document incidents, including phishing, lateral movement, and privilege escalation cases
  • Comprehensive understanding of cyberattack lifecycle stages and adversary tactics, techniques, and procedures (TTPs)
  • Proficiency in identifying vulnerabilities, threat vectors, and exploitation patterns
  • Knowledge of operating system hardening, network defense, and system administration fundamentals
  • Familiarity with nation-state, criminal, and opportunistic threat actor profiles and their operational tradecraft
  • Excellent communication, coordination, and leadership skills in high-pressure, mission-driven environments


Additional Desires and Considerations
  • Proficiency with enterprise SIEM, EDR, and incident management platforms (e.g., Splunk, SentinelOne, CrowdStrike, ServiceNow)
  • Experience leading shift-based operations or 24x7 response teams
  • Deep knowledge of malware, intrusion detection, and threat hunting techniques
  • Familiarity with log analysis, packet capture, and intrusion detection systems (IDS/IPS)
  • Strong understanding of MITRE ATT&CK framework and cyber kill chain methodology
  • GIAC Certified Incident Handler (GCIH)
  • GIAC Certified Forensic Analyst (GCFA)
  • GIAC Certified Intrusion Analyst (GCIA/GCED)
  • Certified Information Systems Security Professional (CISSP)
  • Certified Cyber Forensics Professional (CCFP) or equivalent

Additional Information
  • Shift work position; schedule determined upon start.
  • ECP-1 rates apply.
  • Must be available for onsite support during active incidents or surge operations.

Company Benefits

ARGO Cyber Systems provides industry competitive employee benefits to include medical, dental, vision, life insurance, and 401K.
