
Cyber Defense Cloud Incident Responder

Job in Hanover, Howard County, Maryland, 21098, USA
Listing for: ASRC Federal
Full Time position
Listed on 2026-02-28
Job specializations:
  • IT/Tech
    Cybersecurity, Security Manager, Systems Engineer, Network Security
Salary/Wage Range or Industry Benchmark: 87683 - 145000 USD Yearly
Job Description & How to Apply Below
Location: Hanover

Posted Monday, January 26, 2026 at 5:00 AM

ASRC Federal is a leading government contractor furthering missions in space, public health and defense. As an Alaska Native owned corporation, our work helps secure an enduring future for our shareholders. Join our team and discover why we are a top veteran employer and Certified Great Place to Work™.

ASRC Federal is seeking a Cyber Defense Incident Responder with cloud experience to support a mission‑critical DCSA cybersecurity program. This role is responsible for detecting, analyzing, and responding to security incidents affecting cloud‑hosted and hybrid environments supporting national security systems.

Remote flexibility available! Telework offered with a requirement to be onsite up to one (1) day a week at Hanover, MD.

Position Description

As the Cyber Defense Cloud Incident Responder, your primary duty is to safeguard our national security systems by monitoring AWS, Azure, and Google Cloud environments for malicious activity using advanced SIEM and SOAR platforms. You will lead the entire incident response lifecycle—from detection and containment to eradication and recovery—performing root cause analysis and coordinating with the SOC, engineering, and government stakeholders.

A key part of your role involves leveraging threat intelligence to identify emerging cloud‑based threats, mapping adversary tactics to the MITRE ATT&CK framework, and recommending defensive improvements. Additionally, you will be responsible for identifying cloud misconfigurations, supporting vulnerability remediation, and ensuring all activities align with critical compliance standards like NIST 800‑53 and RMF through diligent documentation and audit support.

Key Responsibilities
  • Cloud Security Operations & Monitoring
  • Monitor AWS, Azure, and/or Google Cloud environments for malicious or anomalous activity using SIEM, SOAR, and cloud‑native security tooling.
  • Analyze logs, telemetry, alerts, and cloud audit data to identify indicators of compromise (IOCs) and attack patterns.
  • Tune detection logic and alerting to reduce false positives and improve response fidelity.
  • Lead and support incident response activities across the full lifecycle: identification, containment, eradication, recovery, and lessons learned.
  • Perform root cause analysis and impact assessments for cloud‑related security incidents.
  • Coordinate response actions with SOC analysts, engineering teams, system owners, and government stakeholders.
  • Document incidents, response actions, and remediation recommendations in accordance with government reporting requirements.
  • Leverage threat intelligence sources to identify emerging threats targeting cloud platforms and federal environments.
  • Map adversary activity to MITRE ATT&CK and cloud‑specific threat models.
  • Recommend defensive improvements based on observed tactics, techniques, and procedures (TTPs).
  • Vulnerability & Risk Management
  • Identify cloud misconfigurations, exposed services, and security gaps.
  • Support vulnerability assessments and remediation prioritization for cloud‑hosted systems.
  • Advise on security controls aligned to NIST and DoD requirements.
  • Compliance & Audit Support
  • Support compliance activities aligned to NIST 800‑53, RMF, and DoD cybersecurity requirements.
  • Assist with security documentation, evidence collection, and audit response.
  • Validate cloud security configurations against established baselines and policies.
Required Technical Skills
  • Cloud Platform experience:
    Practical experience securing AWS, Azure, and/or Google Cloud environments.
  • Security Tooling:
    Experience with SIEM/SOAR platforms such as Splunk, Elastic, Swimlane, or equivalent.
  • Incident Response:
    Proven experience executing IR playbooks and responding to real‑world security incidents.
  • Networking & Systems:
    Strong understanding of TCP/IP, DNS, authentication mechanisms, operating systems, log analysis, and cloud architecture.
  • Frameworks & Standards:
    Familiarity with NIST Cybersecurity Framework, NIST 800‑53, and RMF concepts.
  • Analysis & Reporting:
    Ability to clearly document findings, response actions, and technical recommendations.
Desired (Nice‑to‑Have) Qualifications
  • Experience supporting classified or DoD…