Lead Security Investigator
Location: Leesburg, VA (Onsite)
We are currently seeking a Lead Security Investigator to join our growing team in support of a Security Operations Center on a newly awarded contract. The ideal candidate will have experience working in a network security environment, such as a Security Operations Center (SOC), Computer Emergency Response Team (CERT), Computer Incident Response Team (CIRT), Computer Incident Response Center (CIRC) or Cyber Security Incident Response Center (CSIRC).
Job Description:
- Lead staff to proactively investigate and respond to security incidents.
- Ensure incident identification, assessment, quantification, reporting, communication, mitigation and monitoring.
- Ensure compliance with Service Level Agreements (SLAs), process adherence and process improvement to achieve operational objectives and mitigate threats.
- Revise and develop processes to strengthen the current operational activities; review policies and recommend changes to improve governance.
- Responsible for team management, overall use of resources and initiation of corrective action where required for the Security Operations Center.
- Conduct in-depth forensic analysis of digital systems, applications, and data to determine the extent and impact of security breaches.
- Gather evidence, preserve chain of custody, and ensure the integrity of data during investigations.
- Provide leadership, mentorship, and guidance to a team of cybersecurity investigators.
- Responsible for leveraging standard and non-standard logs in the SIEM for investigations.
- Coordinate with stakeholders to build and maintain positive working relationships.
- Prepare detailed incident reports and documentation outlining the nature of breaches, investigative procedures, and findings.
Minimum Requirements
- Minimum six (6) years' experience.
- Bachelor's or master's degree in Cybersecurity, Computer Science, Information Technology, or related field.
- Several years of hands-on experience in cybersecurity investigations and incident response.
- Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Incident Handler (GCIH), Certified Cyber Forensics Professional (CCFP), or equivalent.
- Strong knowledge of cyber threats, attack vectors, and security vulnerabilities.
- Proficiency in digital forensics tools, network analysis tools, and malware analysis.
- Excellent leadership, communication, and interpersonal skills.
- Problem-solving mindset and the ability to make well-informed decisions under pressure.
- Familiarity with legal and regulatory frameworks related to cybersecurity and data privacy.
- Experience working in a collaborative and fast-paced environment.