Posted today
Top Secret
Unspecified
Unspecified
IT - Security
Washington, DC (On-Site/Office)
Who we are:
ShorePoint is a fast-growing, industry-recognized and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a "work hard, play hard" mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion and a focus on giving back to our community.
The Perks:
As recognized members of the Cyber Elite, we work together in partnership to defend our nation's critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individual's technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 18 days of PTO, 11 holidays, 85% of insurance premium covered, 401k, continued education, certification maintenance and reimbursement and more.
Who we're looking for:
We are seeking a Cyber Incident Responder with experience supporting defensive cybersecurity operations across enterprise environments. This role focuses on assessing system security, validating controls and identifying vulnerabilities through testing, analysis and monitoring activities. The Cyber Incident Responder supports authorization, continuous monitoring and threat detection efforts while working closely with stakeholders to strengthen overall security posture. This is a unique opportunity to shape the growth and culture of an exciting and fast-growing company in the cybersecurity market.
What you'll be doing:
- Support incident response, threat hunting and forensics activities, while also conducting security assessments and vulnerability testing.
- Use signature-based scanners, data collection tools and hardware analysis tools to assess potential threat events.
- Perform Security Information and Event Management (SIEM) reviews to ensure proper detection and notification of threats.
- Support vulnerability analysis and develop mitigation strategies to prevent future threats.
- Contribute to Authorization & Accreditation (A&A), Plan of Action & Milestones (POA&M), vulnerability management and continuous monitoring efforts.
- Conduct automated and manual tests on information systems using industry-standard tools such as vulnerability scans, source code reviews and web application testing.
- Develop test plans, execute tests and prepare detailed after-action reports.
- Document testing processes in accordance with agency regulations and Standard Operating Procedures (SOPs).
- Support remote locations with traveling assessments as scheduled (~60% travel expected, Continental United States).
What you need to know:
- Experience with open-source and commercial testing tools such as Nessus, Metasploit, Burp Suite, App Detective and Nmap.
- Familiarity with security policies of the Department of Justice (DOJ), FBI and National Institute of Standards and Technology (NIST) guidelines (e.g., 800-53, 800-53A).
- Advanced understanding of security tools with the ability to configure and troubleshoot them as needed.
- Expertise in Unix/Linux or Microsoft operating systems, with extensive experience in at least one.
- Broad knowledge of security methodologies, solutions and industry best practices.
- Strong critical thinking and analytical skills, with the ability to interpret and synthesize complex data.
Must-haves:
- Bachelor's degree in Cybersecurity, Computer Science, Information Systems, Mathematics, Engineering or a related field, or 10 years of relevant IT experience.
- 8+ years of relevant experience. Equivalent combinations of education, certifications or demonstrable work may be considered in lieu of direct experience.
- Proven ability to analyze complex requirements and translate them into clear, actionable tasks and processes through critical thinking.
- Expertise in at least one of the following areas: Web applications and technologies, Networking technologies, Enterprise solutions, storage and databases, Cross-domain solutions, Virtualization technologies, Mainframes.
- One or more of the following certifications: CISSP, ISACA, OSCP, CISA, GPEN, GWAPT or CEH.
- Applicants must hold and maintain an active Top Secret with SCI eligibility and ability to pass a Counterintelligence (CI) polygraph.
Where it's done:
- Onsite (Washington, DC; ~60% travel within the continental United States).