USAFA Incident Responder
Reston, VA, USA, 22310
SiloSmashers
From day 1, SiloSmashers set out to change how government agencies and corporations manage programs — and smash silo operations. SiloSmashers, Inc. is a strategy, technology, and management consulting firm, founded in 1992, and located in Reston, Virginia. SiloSmashers delivers superior services and solutions to the public sector in the areas of project/program management, performance management, and IT security. The company provides innovative, collaborative business approaches and proven methodologies that enable customers to break down organizational silos and optimize operational efficiency to achieve peak performance and mission success. Come join our team!
Background
The Cybersecurity Incident Responder plays a critical role in safeguarding Department of Defense (DoD) systems and data by detecting, analyzing, and responding to cybersecurity incidents, including breaches involving Personally Identifiable Information (PII). This position supports the full lifecycle of incident response operations, aligning with DoD cybersecurity policy, NIST SP 800-61r3, and the CISA Cybersecurity Incident Response Playbooks.
The responder will work as part of a coordinated incident response team and may contribute to the development and maintenance of incident response playbooks, plans, and procedures. Responsibilities include initial triage, evidence collection, root cause analysis, containment, eradication, recovery, and post-incident reporting. The ideal candidate has a strong understanding of cybersecurity threats, response frameworks, and experience supporting federal or defense environments.
Qualifications
- Experience detecting, investigating, and responding to cybersecurity incidents, including breaches involving Personally Identifiable Information (PII), in accordance with federal or DoD guidelines.
- Proficiency in analyzing security logs, indicators of compromise (IOCs), and network traffic to assess incident scope, impact, and root cause.
- Demonstrated ability to coordinate incident containment, eradication, and recovery efforts across complex IT environments.
- Experience maintaining and updating incident response plans, procedures, and playbooks aligned with DoDI 8530.01, NIST SP 800-61r3 and CISA guidance.
- Skilled in conducting post-incident reviews and applying lessons learned to improve organizational cybersecurity posture.
- Familiarity with cybersecurity exercises, simulations, and operational testing of incident response plans.
- Strong written and verbal communication skills to support accurate incident reporting, documentation, and stakeholder briefings.
- Proven ability to work collaboratively with cybersecurity teams, system owners, and third-party stakeholders in high-pressure environments.
Soft Skills
- Critical Thinking & Problem Solving: Ability to quickly assess complex and evolving incidents, make sound decisions under pressure, and identify effective containment and remediation strategies.
- Communication & Reporting: Strong written and verbal communication skills to clearly document incidents, present technical findings to non-technical stakeholders, and support coordinated response efforts.
- Collaboration & Teamwork: Proven ability to work effectively within cross-functional teams, including system administrators, analysts, and leadership, especially during high-stress incident response scenarios.
- Adaptability & Resilience: Comfortable operating in fast-paced, dynamic environments with shifting priorities and emerging threats; maintains composure and productivity during cyber crises.
- Attention to Detail: Meticulous in log analysis, evidence handling, and documentation to ensure accurate incident tracking and forensic integrity.
- Discretion & Integrity: Demonstrates sound judgment and maintains confidentiality when handling sensitive information, including classified data and PII.
POSITION REQUIREMENTS
- Must be a U.S. Citizen
- IT Tier 3 security background investigation/clearance to match the designation of the system assigned.
- At least 3 years' experience
- ONE of the following three certifications:
  - CCNA CyberOps Associate (CBROPS)
  - Federal IT Security Professional-Operator-NG (FITSP-O)
  - GIAC Information Security Fundamentals (GISF)
  - Certified Cloud Security Professional (CCSP)
  - Certified Ethical Hacker (CEH)
  - CompTIA Cloud Plus (Cloud+)
  - GIAC Certified Enterprise Defender (GCED)
  - CompTIA Penetration Tester Plus (PenTest+)
  - CompTIA Security Plus (Security+)
  - GIAC Security Essentials Certification (GSEC)