Senior Incident Responder

ASRC Federal is a leading government contractor furthering missions in space, public health and defense. As an Alaska Native owned corporation, our work helps secure an enduring future for our shareholders. Join our team and discover why we are a top veteran employer and Certified Great Place to Work™

Senior Incident Responder

ASRC Federal is seeking a qualified Senior Incident Responder to support a DoDEA client headquartered in Alexandria, VA. Onsite work is required, but some telework is possible upon government authorization.

Position Summary:

The Senior Incident Responder will support the Department of Defense Education Activity (DoDEA) by leading cyber incident detection, analysis, containment, eradication, and recovery efforts within the Security Operations Center (SOC). This role is critical for maintaining the integrity, confidentiality, and availability of DoDEA systems and data. The Senior Incident Responder will develop response strategies, coordinate across teams, and provide expert-level support for complex incidents. This position aligns with Objective 4 of the PWS and contributes to DoDEA's enterprise cybersecurity defense mission.

Key Responsibilities:

• Lead the analysis and response to complex cybersecurity incidents involving DoDEA enterprise systems.
• Coordinate with SOC, IT, and engineering teams to investigate alerts, assess scope, and mitigate threats.
• Utilize tools such as SIEM, EDR, network traffic analysis, and forensic platforms to support incident investigations.
• Perform root cause analysis and determine the impact and origin of cybersecurity events.
• Support Tier 3 triage and provide technical guidance to junior analysts.
• Document incident timelines, attack vectors, and remediation efforts in detailed incident reports.
• Develop and refine incident response playbooks, runbooks, and escalation workflows.
• Conduct tabletop exercises and after-action reviews to improve response readiness.
• Monitor threat intelligence feeds and IOCs to proactively defend against known vulnerabilities.
• Ensure incident handling aligns with DoD and DoDEA cybersecurity policies and reporting requirements.

Required Qualifications:

• U.S. Citizenship.
• Active SECRET security clearance.
• Tier 3 background investigation clearance (NACLC).
• Minimum IAT Level II or III certification (e.g., Security+, CySA+, CASP+).
• 5+ years of experience in cybersecurity operations or incident response.
• Expertise with SIEMs, endpoint protection tools, forensic platforms, and network analysis.
• Strong understanding of incident response methodologies and threat landscapes.
• Experience with DISA STIGs, RMF, and DoD cybersecurity reporting frameworks.
• Excellent analytical, documentation, and communication skills.

Clearance Requirement:

Active SECRET security clearance required. Must be a U.S. Citizen and meet DoD ADP Level II requirements.

Requires a Bachelor's degree and a minimum of 10-12 years of experience in a related or applicable field, or an equivalent combination of education and experience.

We invest in the lives of our employees, both in and out of the workplace, by providing competitive pay and benefits packages. Benefits offered may include health care, dental, vision, life insurance; 401(k); education assistance; paid time off including PTO, holidays, and any other paid leave required by law.

EEO Statement

ASRC Federal and its Subsidiaries are Equal Opportunity employers. All qualified applicants will receive consideration for employment without regard to race, gender, color, age, sexual orientation, gender identification, national origin, religion, marital status, ancestry, citizenship, disability, protected veteran status, or any other factor prohibited by applicable law.