Lead Incident Handler

Job ID
Clearance Level
Top Secret/SCI


PENTCIRT Incident Handling Branch (IHB) Respond services include the actions taken to report, analyze, coordinate, and respond to any event or computer security incident for the purpose of mitigating any adverse operational or technical impact. Incident Response includes the coordinated development and implementation of courses of action (COAs) that focus on containment, eradication, and recovery. At the same time, it ensures the acquisition and preservation of data required for tactical analysis, strategic analysis, and/or LE investigations.


Serve as an incident responder and first line of the Pentagon’s cyber defense, which is responsible for identifying and responding to security threats. Operate in a 16/7 operations center environment responsible for incident confirmation, response, data collection, investigation, and analysis. Leverage knowledge of computer and network architecture to provide analysis during investigations, including identifying adversarial activity and methods for future detection and prevention. Use a combination of Open Source research, network and host forensic analysis, log review and correlation, and pcap analysis to complete investigations. Compose and present reports on findings to leadership for intrusion incidents. Manage the incident life cycle, ensuring all investigations are kept current and completed.


Required Education:


  • BA or BS degree preferred; MA or MS degree in Engineering, CS, Information Security, or Information Systems a plus


Required Experience:


  • 3+ years of experience in Cybersecurity
  • SOC or Incident Handling Management experience required
  • Experience with systems administration, network engineering, or security engineering
  • Experience with performing host or network incident response, malware analysis, or forensics
  • Knowledge of host and network log sources to apply to investigation, IR methodology in investigations, and the groups behind targeted attacks and their tactics, techniques, and procedures (TTPs)
  • Ability to lead and serve a team, as needed to complete the mission and work well under pressure to rapidly scope and investigate incidents
  • Experience with network forensics and intrusion analysis
  • Knowledge of networking concepts and analysis tools
  • Knowledge of operating systems, software, and security controls


Required Clearance:


  • Top Secret w/SCI


Desired Qualifications:


  • Industry-recognized Information Security certifications (CEH, GCIA, or GCFA, and Security+ CE required); CISSP a plus



About Aveshka:

Aveshka is a professional services firm focused on addressing our nation’s most complex threats and challenges. As a small business we’re committed to supporting our clients’ missions with services delivered by our diverse and experienced staff. With expertise in cybersecurity, emergency preparedness, and public health, our experience base spans federal, state, and local governments, as well as private sector entities.


Aveshka encourages collaborative communication and ongoing learning. Some of our benefits include:


  • Extensive training programs
  • Gym membership reimbursement
  • Education reimbursement
  • Technology benefits
  • Commuter benefits
  • Generous paid time off and much more!


Aveshka is an Equal Opportunity Employer (EOE)

