Mitigation and Response

4 days ago


Washington, United States Department of Homeland Security Full time

The Department of Homeland Security (DHS) is recruiting professionals to support a range of leadership roles in Mitigation and Response, including Vulnerability Response Section Chief, Lead Cyber Incident Response Coordinator, Targeted Notifications Section Chief, and Senior Cyber Incident Manager. All positions are in the DHS Cybersecurity Service.

DHS Cybersecurity Service (DHS-CS) uses a multi-phase assessment process to qualify applicants seeking employment through the DHS-CS. Given the ever-advancing nature of cybersecurity and the ongoing need for cybersecurity talent, DHS-CS uses "Talent Pools" to pull qualified applicants (i.e., individuals who have successfully completed the multi-phase assessment process for their capability and career track/level) for consideration for these jobs.

This announcement is being used to fill the Mitigation and Response Talent Pool. By applying to this job announcement, you are opting to be part of the DHS-CS Talent Pool for ongoing consideration for employment for relevant open jobs and will remain eligible for consideration for up to one year from the date of completion.

There are a variety of Mitigation and Response opportunities across the Department, including supporting several specialized programs at the DHS Office of Strategy, Policy, and Plans (PLCY), the Cybersecurity and Infrastructure Security Agency (CISA), DHS Office of the Chief Information Officer (OCIO), and the Federal Emergency Management Agency (FEMA).

Depending on your career level and role, DHS Cybersecurity Service employees in the Leadership Career Track, with a technical capability in Mitigation and Response, will generally apply their expertise to perform a range of tasks, including:


Leading and/or overseeing a team or program in monitoring, analysis, incident response, and handling for DHS or its constituents
Proactively analyzing network traffic patterns to identify possible threats - includes analyzing log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system [IDS] logs) and using other analytic tools and data science methodologies
Leading others in monitoring DHS environments for potential threats or vulnerabilities, providing DHS or external agency/private industry leadership with situational visibility across the enterprise
Overseeing threat assessments for vulnerabilities on networks, systems software, and hardware and recommending appropriate mitigation
Ensuring incidents are managed in accordance with NIST stages of incident handling guidelines and assisting others who are less seasoned in properly applying these standards
Customizing communications for different levels of leadership and audiences to provide strategic direction and support to DHS, Component leadership and/or their SOCs, or external constituents to enable mission capabilities
Collaborating with internal and external DHS stakeholders in performing critical security operations and incident handling
Working with HQ and/or Component NOC/SOCs to block or deny access by hostile sites or restrict access by specific ports/protocols
Managing processes to implement, configure, monitor, and maintain Security Information and Event Management (SIEM) tools to monitor, detect and respond to threats on DHS or federal/national partner networks and enclaves
Managing techniques for gathering, recovering, analyzing, interpreting, preserving, and presenting information and digital evidence (from computers, mobile devices, websites, network packets, et al.) to support legal prosecution or other departmental requirements
Integrating stakeholder feedback when recommending recovery action plans for repairs, including mitigation strategies for interim system vulnerabilities/deficiencies
Customizing communications (e.g., incident updates and after-action reports) to emphasize the most critical information and address anticipated follow-up concerns of specific target audiences
Proposing, managing, and maintaining a suite of cybersecurity tools, to include SIEM and Endpoint Security Tools
Overseeing designated managers, cyber incident responders, and cybersecurity service provider team members in handling suspected cyber incidents, articulating the event's history, status, and potential impact for further action in accordance with the organization's cyber incident response plan
Collaborating with team members to collect intrusion artifacts (e.g., source code, malware, trojans) and using discovered data to enable mitigation of potential cyber defense incidents within the enterprise in accordance with recovery action plans

This position is in the Leadership Track across a range of career levels. Employees in this career track generally:


Have between 5-15 years of cybersecurity work experience.
Have between 0-5 years of cybersecurity leadership experience.


DHS Cybersecurity Service employees with a technical capability in Mitigation and Response will generally:


Track and respond to prioritized urgent IT and cyber events and indicators of compromise (IOCs) to mitigate threats to networks, systems, and applications.
Investigate and analyze response activities and employ various advanced response and recovery approaches as appropriate.
Apply understanding of tactics, techniques, and procedures for investigative processes, including identifying adversaries' TTPs and applying corresponding defense or security controls.
Conduct root cause analysis and response coordination, providing recommendations for mitigation.
Execute recovery action plans and adapt plans to handle new developments.

DHS Cybersecurity Service employees start at career levels and salaries matching their experience and expertise. In recruiting for this opportunity, DHS may hire employees at higher or lower career levels and associated salaries. To learn more about DHS Cybersecurity Service career tracks and levels, visit our application portal.

This position is focused on Mitigation and Response.

DHS Cybersecurity Service jobs are structured cybersecurity specializations - called technical capabilities. To learn more about technical capabilities, visit our application portal.


