[Hiring] Cybersecurity Incident Response Engineer, Jr @ASM Research

Role Description

The Cybersecurity Incident Response Engineer, Jr. monitors enterprise security tools and logs to detect, analyze, and triage potential cybersecurity threats targeting mission‑critical systems and data. The role performs initial investigations, distinguishes false positives from genuine incidents, and escalates significant events to senior analysts or incident responders as appropriate. The analyst supports basic containment and response actions, documents events and findings, and helps fine‑tune security controls to improve detection fidelity in a highly regulated federal IT environment.

• Monitor SIEM and other security tooling to review events, correlate logs from multiple sources, and identify suspicious patterns that may indicate cybersecurity threats or policy violations.
• Perform Tier 1 alert triage by validating alert context, determining severity and potential impact, filtering out false positives, and generating well-documented tickets for escalation.
• Assist with incident response activities, including gathering evidence, capturing indicators of compromise, and supporting containment and recovery steps under guidance of senior analysts.
• Document investigations thoroughly, including timelines, data sources reviewed, actions taken, and handoffs, to support audit requirements and follow-on analysis.
• Maintain familiarity with common security technologies such as firewalls, IDS/IPS, endpoint protection, and vulnerability scanners, and interpret how their alerts surface within SOC tools.
• Follow established SOC standard operating procedures, playbooks, and reporting formats, and contribute feedback to improve them as detection and response capabilities mature.
• Support continuous tuning of rules, use cases, and dashboards to reduce noise, enhance detection accuracy, and improve visibility into the client environment.
• Collaborate with IT, operations, and risk teams to align monitoring and response activities with cybersecurity policies, regulatory expectations, and mission priorities.

Qualifications

• Bachelor’s degree in IT, Computer Science, Cybersecurity, or related field, or equivalent relevant experience.
• 0–3 years of experience in cybersecurity, IT operations, or related technical roles with exposure to security monitoring and incident triage.
• Foundational understanding of cybersecurity concepts, common attack techniques, and the role of a security operations center in detection and response.
• Hands-on familiarity with security tools such as SIEM, firewalls, IDS/IPS, endpoint protection, or vulnerability scanners, and ability to interpret basic alerts and logs.
• Active SECRET clearance or ability to obtain and maintain required clearance.
• U.S. citizenship required to support federal information security requirements.
• Strong analytical, problem-solving, communication, and teamwork skills, with the ability to manage multiple alerts and tasks in a fast-paced SOC environment.

Requirements

• Experience working in or supporting a 24x7 SOC environment, including shift work and effective handoff practices for ongoing incidents.
• Entry-level security certifications such as Security+, CySA+, or similar that validate core defensive operations knowledge.
• Experience following or implementing documented playbooks, runbooks, or standard operating procedures in a security or IT operations context.
• Familiarity with federal cybersecurity policies, control frameworks, or agency-specific security requirements.

Benefits

• Compensation ranges for ASM Research positions vary depending on multiple factors; including but not limited to, location, skill set, level of education, certifications, client requirements, contract-specific affordability, government clearance and investigation level, and years of experience.
• The compensation displayed for this role is a general guideline based on these factors and is unique to each role.
• Monetary compensation is one component of ASM's overall compensation and benefits package for employees.