Job Requirements
Arlington, VA
Top Secret Polygraph Unspecified
Career Level not specified
Salary not specified
Job Description
ECS is seeking a Mid. Cyber Incident Coordinator to work out of our Arlington, VA office.
ECS is seeking talented professionals to join our successful and growing team supporting the Cybersecurity and Infrastructure Security Agency's (CISA) Joint Cyber Defense Collaborative (JCDC). The JCDC is CISA's flagship initiative for uniting government, industry, and international partners to proactively defend against cyber threats. Our ECS team is at the center of providing support to JCDC as they continue to plan, share, and respond to cyber threats in real time to support the greater cyber community and we are looking to grow our team supporting this critical mission.
We are looking for a Mid. Cyber Incident Coordinator for a team that provides deep technical analysis of cyber threat intelligence and operational data, correlating information across available datasets, and producing actionable context to support detection, threat hunting, and incident response activities. This position will support a team that interfaces extensively with multiple organizations within CISA including Vulnerability Management (VM) and Threat Hunt (TH) to provide guidance and analysis on active cyber threats for JCDC partners. This position emphasizes analytical rigor, contextualization, and effective communication in support of coordinated cyber defense operations across government and partner organizations.
The Mid. Cyber Incident Coordinator will support a team that works closely with many stakeholders, including DHS CISA TH and VM, Agency security analysts / user groups, and the ECS team to ensure alignment between solution development and needs of stakeholders. The coordinator will perform research and assist with solutions for specific IOCs and IOAs. The coordinator will aid in defining tools, processes, and procedures for advancing Threat Hunting and Incident Response capabilities within CISA, FCEB, CI and SLTT.
Responsibilities:
- Analyze cyber threat intelligence and related reporting to assess relevance, credibility, and potential operational impact.
- Correlate intelligence with internal datasets and partner-provided information to identify patterns, behaviors, and emerging threats.
- Apply threat hunting and detection analysis techniques to provide contextual insights that support detection and response activities.
- Contribute analytical findings and behavioral context to inform the development and refinement of detection logic, including SIGMA and YARA-based detections.
- Support the development of written guidance and recommendations to assist JCDC partners with solutions for active and ongoing cyber vulnerabilities.
- Stay current with emerging technologies and trends in cybersecurity, and apply this knowledge to improve threat detection and mitigation efforts.
- Through hands-on analysis, provide insights into vulnerabilities, adversarial tactics, and mitigation strategies across diverse environments like IT, OT/ICS, cloud, and AI systems.
- Assist with mapping technical insights on cyber threats to frameworks like MITRE ATT&CK and other cyber frameworks.
- Support collaboration and information sharing across internal teams and external partners in alignment with the JCDC mission.
- Participate in operational coordination activities and briefings as required.
- US citizenship with the ability to obtain and maintain DHS Suitability (EOD).
- Active TS security clearance and SCI eligible.
- On-site 3-5 days per week in Arlington, VA.
- 6+ Years of previous experience in a threat intelligence, cyber security, incident response, or similar role
- Strong understanding of computer and network fundamentals
- Experience in cyber threat intelligence analysis, cyber incident analysis, or related cybersecurity roles.
- Working knowledge of threat hunting concepts and detection methodologies.
- Familiarity with detection logic frameworks and concepts (e.g., behavioral detection, SIGMA, YARA).
- Strong analytical writing skills with the ability to produce clear, defensible documentation.
- With minimum support, perform in-depth research tasks and produce written summaries that include insights and predictions based on an analytical process
- Excellent written and oral communication skills
- An understanding of current cyber threats/exploits, attack methodology, and detection techniques using a wide variety of security products including COTS and open source
- Experience working in collaborative, multi-stakeholder environments.
- Familiarity with the .gov Cyber Mission space and legal constraints applicable to civilian Government Agencies (e.g., FISMA)
- Experience collecting, analyzing, and categorizing threat intelligence data from multiple sources to author actionable intelligence reports
- Familiarity with at least one scripting language such as Python, and capable of manipulating data, interfacing with APIs, automating repetitive tasks, etc.
- Ability to interpret complex cybersecurity topics and effectively communicate or present information to various groups of stakeholders (Executives, SOC, etc.)
- Field-related certifications such as CTIA, CEH, GREM, GCIH, GCFA
- Experience with tools in both Linux and Windows environments
- Experience applying AI/ML to identify anomalous behavior in security data, esp. using Elasticsearch
- Familiarity with MITRE ATT&CK and/or similar frameworks
- Familiarity with AI/ML concepts and applications
Work Environment
This position supports a hybrid work model, with routine on-site presence in Arlington, VA one day per week and additional on-site support as operational requirements dictate. The role operates in a high-visibility, collaborative environment where accuracy, clarity, and coordination are essential.
#ECS1
ECS is an equal opportunity employer and does not discriminate or allow discrimination on the basis of any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.
ECS is a leading mid-sized provider of technology services to the United States Federal Government. We are focused on people, values and purpose. Every day, our 3200+ employees focus on providing their technical talent to support the Federal Agencies and Departments of the US Government to serve, protect and defend the American People.
group id: 10112231A