Senior Cybersecurity Engineer / Analyst – Incident Response Lead (IR Lead) at SOS International LLC
SOS International LLC · Pearl Harbor, United States of America · Onsite
- Senior
- Office in Pearl Harbor
SOSi is on the hunt for a Senior Cybersecurity Engineer / Analyst – Incident Response Lead (IR Lead) to join our elite team in Hawaii, where groundbreaking innovation meets mission-critical operations.
In this pivotal role, you’ll be the driving force behind the Hawaii NSOC’s cyber defense operations—leading real-time monitoring, threat triage, and incident investigations that safeguard INDOPACOM’s multi-enclave Coalition connectivity. Our team harnesses cutting-edge Desktop as a Service (DaaS) Private Cloud infrastructure to deliver resilient, scalable solutions across the Pacific theater.
As the IR Lead, you’ll take charge during critical moments—validating high-priority threats, containing advanced attacks, and steering a sharp team of analysts in lockstep with NSOC leadership and engineers. This is more than a job—it’s a rare opportunity to shape the future of cybersecurity in one of the most strategically vital regions on Earth.
Protect the mission. Lead the response. Make your impact in Hawaii.
Responsibilities:
- Lead the Cybersecurity Engineer / Analyst team, assigning monitoring priorities, overseeing investigations, and providing mentorship.
- Act as Incident Response Lead (IRL) during escalations, coordinating containment, remediation, and reporting across the NSOC, mission partners, and external stakeholders.
- Validate and adjudicate escalated detections from SOC tools (including AI-assisted platforms), ensuring accuracy, prioritization, and timely response.
- Mentor and coach analysts in advanced detection, threat hunting, and incident response skills; provide regular feedback and performance oversight.
- Serve as the primary liaison between analysts and engineering staff to refine detections, SOAR playbooks, and automation workflows.
- Direct proactive threat hunting operations based on adversary TTPs, threat intelligence, and anomaly detection.
- Ensure incidents are documented to NSOC standards, with lessons learned integrated into playbooks and training.
- Lead tabletop drills and red/blue team exercises to validate readiness and incident response procedures.
- Provide senior-level reporting and executive briefings on major incidents.
- Maintain compliance with RMF, CSSP, and NSOC SOPs; validate processes meet accreditation requirements.
- Active in-scope SECRET clearance.
- Bachelor’s Degree in Cybersecurity, Computer Science, Information Systems, or related technical discipline; equivalent work experience considered.
- 5+ years of SOC/NSOC or cyber defense experience, with demonstrated IR and threat hunting expertise.
- DoD 8140 baseline certification (CASP+/SecurityX or CISSP or GCIA or GCIH or CEH or CFR).
- Proven experience leading analyst teams or serving as a shift/incident lead.
- Strong knowledge of adversary TTPs (MITRE ATT&CK), malware analysis, and advanced detection/response techniques.
- Proficiency with SIEM, EDR, SOAR, and packet capture/analysis tools (e.g., Wireshark, Zeek).
- Strong leadership, communication, and briefing skills for technical and executive audiences.
- Active Top Secret clearance with ability to obtain/maintain TS/SCI.
- Advanced certifications such as GCIA, GCIH, GDAT, CISSP, or GCTI.
- Experience in a military cyber defense environment or enterprise-level 24/7 SOC.
- Prior IR Lead/Tier 3 response experience with major incident coordination responsibilities.
- Familiarity with AI/LLM-assisted SOC tools or automation pipelines (nice to have).
- Location: Hawaii NSOC.
- Schedule: Core leadership role with daytime hours; requires flexibility to support a 24/7/365 NSOC, including on-call responsibilities for after-hours escalations.
- Environment: High-tempo, mission-critical operations requiring adaptability, collaboration, and rapid decision-making.
- Relocation packages may include a two-year commitment.