ARGO Cyber Systems, LLC
Cyber Incident Manager III
ARGO Cyber Systems, LLC, Arlington, Virginia, United States, 22201
Cyber Incident Manager
Location: Onsite (CONUS) / Shift Work
Clearance: Active TS/SCI (DHS EOD Suitability required)
Company: Argo Cyber Systems, LLC - Service-Disabled Veteran-Owned Small Business (SDVOSB)
About Argo Cyber Systems
Argo Cyber Systems provides mission-critical cybersecurity support to U.S. Government agencies and critical infrastructure owners nationwide. Our teams deliver rapid incident response, advanced forensics, and coordinated recovery operations to protect vital systems from evolving cyber threats. We combine technical precision with operational agility, helping federal partners identify, contain, and recover from complex cyber incidents with speed and confidence.
Position Overview
Argo Cyber Systems is seeking a Cyber Incident Manager to lead onsite incident response operations for a U.S. Government customer. The selected candidate will coordinate and execute incident handling, forensic triage, and threat mitigation activities for large-scale, high-impact cyber events. This role is part of a 24×7 incident response capability that provides immediate investigation, containment, and recovery support to federal civilian agencies and critical infrastructure entities.
Key Responsibilities
Direct and coordinate incident response activities across diverse environments, ensuring rapid containment, accurate impact assessment, and effective recovery.
Correlate and analyze incident data to identify patterns, trends, and emerging threats.
Perform triage and scoping of cyber incidents to determine severity, urgency, and operational impact.
Apply Defense-in-Depth principles and best practices to strengthen enterprise resilience.
Investigate indicators of compromise (IOCs), malware behavior, and intrusion vectors using host and network data.
Research and document resolution steps, mitigations, and workarounds for ongoing or recurring incidents.
Develop and maintain incident response procedures and playbooks aligned with NIST SP 800-61 Rev. 2 and FISMA reporting requirements.
Monitor external intelligence sources and threat feeds to maintain situational awareness of current threat conditions.
Track, document, and brief incident lifecycle progress from detection through closure, ensuring accurate reporting and escalation to senior stakeholders.
Collaborate with cross-functional teams, including threat analysts, forensics personnel, SOC operators, and federal incident coordinators, to provide unified, mission-focused response.
Required Qualifications
U.S. Citizenship
Active TS/SCI clearance (must be able to obtain DHS EOD Suitability)
5+ years of directly relevant experience in cyber incident management, SOC operations, or DFIR roles
Strong understanding of incident response methodologies, frameworks, and reporting requirements under NIST SP 800-61 and FISMA
Demonstrated ability to analyze, prioritize, and document incidents within enterprise or federal environments
Solid grasp of attack lifecycle stages and common adversary tactics (reconnaissance, exploitation, privilege escalation, persistence, exfiltration, etc.)
Knowledge of system administration, OS hardening, and defensive security controls across Windows, Linux, and hybrid environments
Familiarity with CND policies, procedures, and regulatory frameworks
Understanding of threat actor typologies (e.g., opportunistic, organized criminal, nation-state) and their operational tradecraft
Excellent written and verbal communication skills for technical and executive reporting
Desired Qualifications
Proficiency with SIEM, EDR, and network forensic tools (e.g., Splunk, SentinelOne, Elastic, Wireshark)
Experience conducting or managing shift-based or 24×7 cyber operations
Advanced knowledge of malware analysis, log correlation, and network defense methodologies
Familiarity with incident ticketing and tracking systems (e.g., ServiceNow, Jira, Remedy)
Strong analytical mindset and ability to lead during high-pressure operational events
Education
Bachelor's Degree in Cybersecurity, Information Systems, Computer Science, or related discipline
High School Diploma with 7-9 years of relevant incident management or cybersecurity experience
Preferred Certifications
GCIH, GCFA, GISP, GCED, CCFP, CISSP, or equivalent
Additional Information
Shift work position; schedule determined upon start.
ECP-1 rates apply.
Must be available for onsite support during active incidents or surge operations.
Why Join Argo
As part of Argo Cyber Systems, you will serve at the forefront of national cyber defense, protecting civilian agencies and high-value assets from persistent and emerging threats. You'll join a veteran-founded, mission-driven team dedicated to operational excellence, collaboration, and innovation in the cyber domain.