Incident Response Manager-Herndon, VA

ClearanceJobs, Herndon, Virginia, United States, 22070

Incident Response Manager

DirectViz Solutions (DVS) is a dynamic and rapidly growing government contractor committed to delivering innovative IT solutions that address the mission-critical needs of our government clients. Through the expertise and dedication of our talented team, we provide cutting-edge technology services designed to achieve success and exceed expectations. At DVS, we prioritize our employees as our greatest asset. We offer competitive compensation, comprehensive medical benefits, a 401(k) match, generous PTO accrual, professional development reimbursement, corporate-funded technology certifications, and robust employee recognition and appreciation programs.

DVS is actively seeking an Incident Response Manager to support our team onsite in Herndon, VA. This position requires an active Secret clearance.

Position Overview

We are seeking an experienced Incident Response (IR) Manager with strong Operational Technology (OT) and Industrial Control System (ICS) expertise to lead cybersecurity incident detection, analysis, response, and recovery activities in a mission-critical environment. This role is responsible for orchestrating incident response processes, ensuring rapid containment and eradication of threats, and driving continuous improvement of cyber defense capabilities across IT and OT infrastructures.

The Incident Response Manager will serve as the primary interface between Cybersecurity Operations, IT/OT Engineering, Program Leadership, and Federal/DoD stakeholders. This role requires deep technical expertise in OT environments, proven leadership in cyber incident handling, and the ability to operate effectively within DoD security and compliance frameworks.

Key Responsibilities

- Lead end-to-end incident response lifecycle (Preparation, Identification, Containment, Eradication, Recovery, Lessons Learned) for IT and OT systems.
- Manage and coordinate a team of responders, analysts, and engineers during high-severity incidents.
- Develop, maintain, and exercise Incident Response Plans (IRPs), Playbooks, and Runbooks tailored for OT/ICS environments.
- Interface with DoD stakeholders, government program offices, and third-party vendors to ensure coordinated response activities.
- Oversee forensic investigations including malware analysis, packet captures, log reviews, and OT protocol traffic analysis.
- Lead threat-hunting operations in IT/OT environments to proactively detect advanced adversaries.
- Ensure all incident reporting aligns with DoD RMF, NIST 800-61, CJCSM 6510, and CMMC requirements.
- Maintain compliance with STIGs, DISA CCRI, and DoD Cybersecurity Service Provider (CSSP) standards.
- Drive improvements in network segmentation, Zero Trust adoption, OT security monitoring, and detection capabilities.
- Provide after-action reports, metrics, and executive briefings to leadership.

Required Qualifications

- Active DoD Secret clearance or higher.
- Bachelor's degree in Cybersecurity, Computer Science, IT, or related field (or equivalent experience).
- 8+ years of cybersecurity experience, with at least 3+ years in incident response management.
- Proven expertise in OT/ICS environments (e.g., SCADA, PLCs, DCS, manufacturing, utilities, or military OT systems).
- Hands-on experience with SIEM platforms (Splunk, ELK, ArcSight), EDR tools, and forensic toolsets (EnCase, FTK, Volatility, Wireshark, GRR).
- Deep knowledge of MITRE ATT&CK and ATT&CK for ICS frameworks.
- Familiarity with networking protocols (TCP/IP, Modbus, DNP3, OPC, CIP, Profinet, etc.) and their security risks.
- Experience with malware reverse engineering concepts, digital forensics, and memory analysis.
- Strong knowledge of DoD cybersecurity compliance frameworks (RMF, NIST, STIG, CMMC).
- Excellent leadership, communication, and coordination skills for cross-functional response teams.

Desired Qualifications

- Advanced degree (MS) in Cybersecurity or related field.
- CISSP, CISM, GCIA, GCIH, GCFA, GRID, or other SANS/GIAC certifications.
- Prior experience with DoD Cybersecurity Service Provider (CSSP) or Hunt/IR teams.
- Familiarity with cloud IR in hybrid environments (Azure, AWS, cArmy, DoD 365).
- Experience briefing senior leadership and government officials.

Physical and Mental Qualifications

- Maintain focus and awareness throughout scheduled working hours.
- Perform tasks requiring prolonged periods of sitting or standing at a desk, utilizing a computer, mouse, and keyboard.
- Lift and move objects weighing up to 15 pounds as needed.
- Exhibit excellent verbal and written communication skills, with a strong command of the English language.
- Demonstrate the ability to work independently while also collaborating effectively as part of a team.
- Quickly learn and retain routine tasks and processes.
- Possess strong organizational skills, attention to detail, business correspondence proficiency, and self-management capabilities.
- Perform the essential functions of the role satisfactorily; reasonable accommodation will be provided for employees with disabilities upon request.
- Accept and adapt to additional responsibilities or changes to assigned duties as determined by DirectViz Solutions (DVS).

If you thrive on solving complex problems and building meaningful connections, we'd love to hear from you. Join our team and make an impact today!

DirectViz Solutions, LLC (DVS) is an equal opportunity employer who prohibits discrimination and harassment against any employee or applicant for employment based on race, sex (including pregnancy), age, gender identity, creed, religion, national origin, sexual orientation, marital status, genetic information, disability, political affiliation, protected veteran status, or any other status protected by federal, state or local law. DVS has a zero-tolerance policy for harassment, threats, coercion, discrimination, and intimidation.

Employees may file a complaint or exercise any right protected by Executive Order 11246, Section 503 of the Rehabilitation Act of 1973, as amended, Section 4212 of the Vietnam Era Veterans Readjustment Assistance Act of 1974, or the Veterans Employment Opportunities Act of 1998.