Company hidden
9 hours ago

Tier 3 Incident Responder (Cybersecurity)

Work format
remote (USA only)
Employment type
fulltime
Grade
senior
English
b2
Country
US

Job description

TL;DR

Tier 3 Incident Responder (Cybersecurity): Lead complex incident investigations and digital forensics for a federal program, with an emphasis on the threat detection and response lifecycle. The role focuses on executing advanced threat hunting using Microsoft Sentinel and Defender XDR, conducting root cause analysis, and ensuring compliance with NIST standards.

Location: Remote (Must possess an active Public Trust clearance)

Company

hirify.global provides specialized technical support and software services for government agencies.

What you will do

  • Lead complex incident investigations across cloud, endpoint, network, and identity environments.
  • Perform full lifecycle incident response including detection, triage, containment, eradication, and recovery.
  • Conduct digital forensics, including evidence acquisition, preservation, and analysis.
  • Perform static and dynamic malware analysis and provide root cause analysis (RCA).
  • Execute advanced threat hunting across Microsoft Sentinel and XDR platforms.
  • Develop and improve incident response playbooks and ensure evidence integrity.

Requirements

  • Active Public Trust clearance.
  • 5–8+ years of experience in cybersecurity incident response or digital forensics.
  • Hands-on experience with Microsoft Sentinel, Defender XDR, and SIEM tools.
  • Strong knowledge of NIST SP 800-61 and the MITRE ATT&CK framework.
  • Experience with forensic tools such as EnCase, FTK, Volatility, or Velociraptor.
  • B.S. in Computer Science, Information Technology, or a related field.

Nice to have

  • Certifications: GCIA, GCIH, CISSP, CEH, or equivalent.
  • Microsoft Sentinel or Microsoft security platform certifications.
  • Cloud security certifications (e.g., AWS security).
  • Privacy certifications such as CIPP/US or CIPM.
