Cyber Incident Manager
Company: Castalia Systems
Location: Arlington
Posted on: April 1, 2026
Job Description:

Job Type: Full-Time
Workplace Type: Onsite in Arlington, VA (providing support during assigned shifts, M-F 1400-2230 EST)
Clearance: TS/SCI clearance with ability to obtain a DHS Suitability
Must be a U.S. Citizen
Benefits: Medical, dental, and vision coverage, 401k matching, generous PTO, paid holidays, professional training opportunities, and even pet insurance to ensure your furry friends are cared for too.

Job Summary

Castalia Systems is supporting a U.S. Government customer to provide support for onsite incident response to civilian Government agencies and critical asset owners who experience cyber-attacks, providing immediate investigation and resolution. Contract personnel perform investigations to characterize the severity of breaches, develop mitigation plans, and assist with the restoration of services. Castalia is seeking a Cyber Incident Manager to support this critical customer mission.

Roles and Responsibilities

A qualified candidate will perform duties and responsibilities including, but not limited to, the following:
- Correlating incident data to identify specific trends in reported incidents
- Recommending defense in depth principles and practices (i.e. Defense in Multiple Places, layered defenses, security robustness, etc.)
- Performing Computer Network Defense incident triage to include determining scope, urgency, and potential impact
- Researching and compiling known resolution steps or workarounds to enable mitigation of potential Computer Network Defense incidents within the enterprise
- Applying cybersecurity concepts to the detection and defense of intrusions into small- and large-scale IT networks, and conducting cursory analysis of log data
- Monitoring external data sources to maintain currency of Computer Network Defense threat condition and determine which security issues may have an impact on the enterprise
- Identifying the cause of an incident and recognizing the key elements to ask external entities when learning the background and potential infection vector of an incident
- Receiving and analyzing network alerts from various sources within the enterprise and determining possible causes of such alerts
- Tracking and documenting Computer Network Defense (CND) incidents from initial detection through final resolution, and working with other components within the organization to obtain and coordinate information pertaining to ongoing incidents
- Providing support during assigned shifts (M-F 1400-2230 EST)

Required Qualifications:
- 5 years of directly relevant experience in cyber incident management or cybersecurity operations
- BS Incident Management, Operations Management, Cybersecurity or related degree.
- HS Diploma with 7-9 incident management or cyber security experience
- Knowledge of incident response and handling methodologies
- Having close familiarity with NIST 800-62 (latest revision), and FISMA standards as they pertain to reporting incidents.
- Knowledge of the NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incident
- Knowledge of general attack stages (e.g., foot printing and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks, etc.)
- Skill in recognizing and categorizing types of vulnerabilities and associated attacks
- Knowledge of basic system administration and operating system hardening techniques, Computer Network Defense policies, procedures, and regulations

Desired Qualifications:
- Knowledge of different operational threat environments (e.g., first generation [script kiddies], second generation [non nation-state sponsored], and third generation [nation-state sponsored])
- Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, PL/SQL and injections, race conditions, covert channel, replay, return-oriented attacks, and malicious code)

Desired Certifications: GCIH, GCFA, GISP, GCED, CCFP or CISSP

Physical Requirements/Work Environment

Normal office environment. Providing support during assigned shifts (M-F 1400-2230 EST)
Travel: Less than 5%.

Company Description

Castalia Systems is a proven business partner providing mission critical solutions to the Federal Government. We provide cutting edge solutions from Securing and Managing Data to Systems Engineering and Development. Castalia Systems is a pioneer in Artificial Intelligence Design and Application. With our vast knowledge of our customers' needs and relevant technology, our team is able to bring successful solutions to every mission. We are one-upping our competitors by providing premium IT solutions and platforms with cutting-edge technology so it's so evident when you compare us with anyone.

Disclaimer

Castalia Systems is an equal employment opportunity and affirmative action employer and strives to comply with all applicable laws prohibiting discrimination based on race, color, creed, sex, sexual orientation, age, national origin, or ancestry, physical or mental disability, veteran status, marital status, HIV-positive status, as well as any other category protected by federal, state, or local laws. All such discrimination is unlawful, and all persons involved in the operations of the company are prohibited from engaging in this type of conduct.