SOS International LLC
Senior Cybersecurity Engineer / Analyst Incident Response Lead (IR Lead)
SOS International LLC, Joint Base Pearl Harbor Hickam, Hawaii, United States
Overview:
SOSi
is seeking a
Senior Cybersecurity Engineer / Analyst Incident Response Lead (IR Lead)
to join our elite team in
Hawaii , where mission meets innovation. Supporting
INDOPACOM warfighters
with secure, multi-enclave Coalition connectivity, our team leverages advanced
Desktop as a Service (DaaS)
Private Cloud infrastructure to deliver resilient and scalable solutions. As the
IR Lead , youll serve as the operational anchor of the Hawaii NSOC, guiding day-to-day monitoring, triage, and incident investigations. Youll coordinate escalations as the
Incident Response Lead , validate high-priority detections, contain complex threats, and ensure analyst teams are aligned with NSOC leadership and engineering staff to maintain mission assurance. This is your opportunity to shape the future of cyber defense in one of the most strategically vital regions on Earth. Responsibilities: Lead the Cybersecurity Engineer / Analyst team, assigning monitoring priorities, overseeing investigations, and providing mentorship. Act as
Incident Response Lead (IRL)
during escalations, coordinating containment, remediation, and reporting across the NSOC, mission partners, and external stakeholders. Validate and adjudicate escalated detections from SOC tools (including AI-assisted platforms), ensuring accuracy, prioritization, and timely response. Mentor and coach analysts in advanced detection, threat hunting, and incident response skills; provide regular feedback and performance oversight. Serve as the primary liaison between analysts and engineering staff to refine detections, SOAR playbooks, and automation workflows. Direct proactive threat hunting operations based on adversary TTPs, threat intelligence, and anomaly detection. Ensure incidents are documented to NSOC standards, with lessons learned integrated into playbooks and training. Lead tabletop drills and red/blue team exercises to validate readiness and incident response procedures. Provide senior-level reporting and executive briefings on major incidents. Maintain compliance with RMF, CSSP, and NSOC SOPs; validate processes meet accreditation requirements. Qualifications:
Active in scope SECRET clearance. Bachelors Degree in Cybersecurity, Computer Science, Information Systems, or related technical discipline; equivalent work experience considered. 5+ years of SOC/NSOC or cyber defense experience, with demonstrated IR and threat hunting expertise. DoD 8140 baseline certification (CASP+/SecurityX or CISSP or GCIA or GCIH or CEH or CFR). Proven experience leading analyst teams or serving as a shift/incident lead. Strong knowledge of adversary TTPs (MITRE ATT&CK), malware analysis, and advanced detection/response techniques. Proficiency with SIEM, EDR, SOAR, and packet capture/analysis tools (e.g., Wireshark, Zeek). Strong leadership, communication, and briefing skills for technical and executive audiences. Preferred Qualifications:
Active Top Secret clearance with ability to obtain/maintain TS/SCI. Advanced certifications such as GCIA, GCIH, GDAT, CISSP, or GCTI. Experience in a military cyber defense environment or enterprise-level 24/7 SOC. Prior IR Lead/Tier 3 response experience with major incident coordination responsibilities. Familiarity with AI/LLM-assisted SOC tools or automation pipelines (nice to have). Working Conditions:
Location:
Hawaii NSOC. Schedule:
Core leadership role with daytime hours; requires flexibility to support a 24/7/365 NSOC, including on-call
on-call responsibilities for after-hours escalations . Environment:
High-tempo, mission-critical operations requiring adaptability, collaboration, and rapid decision-making. Relocation packages may include a two-year commitment.
SOSi
is seeking a
Senior Cybersecurity Engineer / Analyst Incident Response Lead (IR Lead)
to join our elite team in
Hawaii , where mission meets innovation. Supporting
INDOPACOM warfighters
with secure, multi-enclave Coalition connectivity, our team leverages advanced
Desktop as a Service (DaaS)
Private Cloud infrastructure to deliver resilient and scalable solutions. As the
IR Lead , youll serve as the operational anchor of the Hawaii NSOC, guiding day-to-day monitoring, triage, and incident investigations. Youll coordinate escalations as the
Incident Response Lead , validate high-priority detections, contain complex threats, and ensure analyst teams are aligned with NSOC leadership and engineering staff to maintain mission assurance. This is your opportunity to shape the future of cyber defense in one of the most strategically vital regions on Earth. Responsibilities: Lead the Cybersecurity Engineer / Analyst team, assigning monitoring priorities, overseeing investigations, and providing mentorship. Act as
Incident Response Lead (IRL)
during escalations, coordinating containment, remediation, and reporting across the NSOC, mission partners, and external stakeholders. Validate and adjudicate escalated detections from SOC tools (including AI-assisted platforms), ensuring accuracy, prioritization, and timely response. Mentor and coach analysts in advanced detection, threat hunting, and incident response skills; provide regular feedback and performance oversight. Serve as the primary liaison between analysts and engineering staff to refine detections, SOAR playbooks, and automation workflows. Direct proactive threat hunting operations based on adversary TTPs, threat intelligence, and anomaly detection. Ensure incidents are documented to NSOC standards, with lessons learned integrated into playbooks and training. Lead tabletop drills and red/blue team exercises to validate readiness and incident response procedures. Provide senior-level reporting and executive briefings on major incidents. Maintain compliance with RMF, CSSP, and NSOC SOPs; validate processes meet accreditation requirements. Qualifications:
Active in scope SECRET clearance. Bachelors Degree in Cybersecurity, Computer Science, Information Systems, or related technical discipline; equivalent work experience considered. 5+ years of SOC/NSOC or cyber defense experience, with demonstrated IR and threat hunting expertise. DoD 8140 baseline certification (CASP+/SecurityX or CISSP or GCIA or GCIH or CEH or CFR). Proven experience leading analyst teams or serving as a shift/incident lead. Strong knowledge of adversary TTPs (MITRE ATT&CK), malware analysis, and advanced detection/response techniques. Proficiency with SIEM, EDR, SOAR, and packet capture/analysis tools (e.g., Wireshark, Zeek). Strong leadership, communication, and briefing skills for technical and executive audiences. Preferred Qualifications:
Active Top Secret clearance with ability to obtain/maintain TS/SCI. Advanced certifications such as GCIA, GCIH, GDAT, CISSP, or GCTI. Experience in a military cyber defense environment or enterprise-level 24/7 SOC. Prior IR Lead/Tier 3 response experience with major incident coordination responsibilities. Familiarity with AI/LLM-assisted SOC tools or automation pipelines (nice to have). Working Conditions:
Location:
Hawaii NSOC. Schedule:
Core leadership role with daytime hours; requires flexibility to support a 24/7/365 NSOC, including on-call
on-call responsibilities for after-hours escalations . Environment:
High-tempo, mission-critical operations requiring adaptability, collaboration, and rapid decision-making. Relocation packages may include a two-year commitment.