Cybersecurity Subject Matter Expert - Incident Response

Cybersecurity Subject Matter Expert – Incident Response

Company	Guidehouse
Location	Salt Lake City, UT, USA, Las Vegas, NV, USA, Washington, DC, USA, Livermore, CA, USA, Albuquerque, NM, USA, North Augusta, SC, USA, McLean, VA, USA, Arlington, VA, USA, Kansas City, MO, USA, New York, NY, USA, Amarillo, TX, USA, Oak Ridge, TN, USA
Salary	$130000 – $216000
Type	Full-Time
Degrees	Bachelor’s, Master’s
Experience Level	Senior, Expert or higher

An ACTIVE and MAINTAINED TOP SECRET DoD security clearance.
Bachelor’s degree from an accredited university or college in Computer Science, Information Security, Cybersecurity or a related field AND FIVE (5+) plus years of experience in cybersecurity, with a focus on incident response; Or Master’s degree an accredited university or college in Computer Science, Information Security, Cybersecurity or a related field AND THREE (3+) plus years of experience in cybersecurity, with a focus on incident response.
Relevant certifications such as GCIH, GCFA, CISSP, or similar.
Strong knowledge of cybersecurity frameworks, standards, and best practices (e.g., NIST, ISO 27001).
Proficiency with incident response tools (e.g., SIEM, EDR, forensic tools).
Excellent problem-solving skills and the ability to think like an attacker.
Strong communication and presentation skills, with the ability to convey complex technical concepts to non-technical stakeholders.
Ability to work independently and as part of a team in a fast-paced environment.
Ability to travel as required.
Currently reside in the contiguous United States.
This is a Hybrid role that requires the ability to work onsite in a core Guidehouse Office or Client Office location.

Lead and participate in incident response activities, including detection, analysis, containment, eradication, and recovery.
Develop and maintain incident response plans, playbooks, and procedures.
Conduct post-incident reviews to identify lessons learned and implement improvements.
Monitor security alerts and events to identify potential security incidents.
Analyze security data from various sources to detect and respond to threats.
Collaborate with other teams to improve detection and response capabilities.
Gather and analyze threat intelligence to stay informed about the latest threats and attack techniques.
Use threat intelligence to enhance incident response strategies and improve overall security posture.
Conduct training sessions and awareness programs to educate employees about incident response procedures and best practices.
Develop and deliver tabletop exercises and simulations to test and improve incident response capabilities.
Perform regular security assessments and audits to ensure compliance with industry standards and best practices.
Identify and prioritize security risks, and work with relevant teams to implement corrective actions.
Stay up-to-date with the latest cybersecurity threats, trends, and technologies.

An ACTIVE and MAINTAINED Department of Energy (DOE) Q-Sensitive security clearance.
Preference will be given to candidates within 60 miles of a core Guidehouse office or Client Office location.
Experience with threat hunting and threat intelligence.
Knowledge of scripting languages (e.g., Python, PowerShell) for automation and tool development.
Familiarity with cloud security (e.g., AWS, Azure) and container security (e.g., Docker, Kubernetes).