Principle Incident Handler
Monterey, CA
Full Time Senior-level / Expert Clearance required USD 96K - 178K * est.
At ARSIEM Corporation we are committed to fostering a proven and trusted partnership with our government clients. We provide support to multiple agencies across the United States Government. ARSIEM has an experienced workforce of qualified professionals committed to providing the best possible support.
As demand increases, ARSIEM continues to provide reliable and cutting-edge technical solutions at the best value to our clients. That means a career packed with opportunities to grow and the ability to have an impact on every client you work with.
ARSIEM Corporation is seeking a highly skilled Principal Incident Handler (IH-P) to lead cyber incident response operations in a fast-paced, mission-critical environment. As the senior-most responder on the team, you’ll provide technical oversight, mentor junior analysts, and serve as a strategic advisor to the Cyber Security Operations Center (CSOC) leadership. This position will support one of our government clients in Monterey, CA.
Responsibilities
- Lead and guide Tier I and II analysts during active incidents, ensuring high-quality response and knowledge transfer.
- Drive updates to incident handling SOPs and evaluate access, tools, and workflows to support full-spectrum cyber defense.
- Oversee incident response from alert to resolution, including detection, triage, analysis, containment, and remediation.
- Conduct root cause analysis and present findings to stakeholders, including the CSOC Manager, ISSM, and CISO.
- Ensure digital evidence is preserved properly and in accordance with legal/operational standards.
- Recommend enhancements to security tooling and lead technical coordination with engineering and forensics teams.
Minimum Qualifications
- 7+ years in incident response, malware analysis, or cyber forensics.
- Bachelor's degree in CS, Engineering, Cybersecurity, or related field.
- Demonstrated experience guiding technical teams through complex cybersecurity incidents.
- Deep familiarity with detection technologies (SIEM, IDS/IPS), network protocols, malware containment, and threat analysis.
- Strong written and verbal communication skills, including incident reporting and executive briefings.
- Strong understanding of network protocols (e.g., TCP/IP, DNS), security architecture, and traffic analysis
- Strong understanding of threat actor behaviors, attack stages, and common vulnerabilities
- Strong understanding of host/network intrusion detection, malware handling, and secure system administration
- Strong understanding of cloud service models and how they affect response strategies
- Strong understanding of cybersecurity frameworks, privacy principles, and risk mitigation
- Relevant industry certifications (e.g., CISSP, GCIA, GCIH, CEH) preferred but not required.
ARSIEM is proud to be an Equal Opportunity and Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age, or any other federally protected class.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: CEH CISO CISSP Clearance Cloud CSOC Cyber defense DNS Forensics GCIA GCIH IDS Incident response Intrusion detection IPS Malware Privacy SIEM SOC TCP/IP Top Secret Top Secret Clearance Vulnerabilities
Perks/benefits: Salary bonus
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.