Incident Response & Digital Forensics, Subject Matter II

Koniag Government Services

Koniag Management Solutions (KMS) , a Koniag Government Services company, is looking for a highly qualified, experienced, and self-motivated individual to perform the duties of an Incident Response & Digital Forensics, Subject Matter II to support KMS and our government customer in Metro DC area. This is a remote opportunity during the pandemic, periodic requirement to go to the USAID facility to support classified or digital forensics activities

We offer highly competitive compensation and an extraordinary benefits package including health, dental and vision insurance, 401K with company matching, flexible spending accounts, paid holidays, three weeks paid time off, and more.

Job Overview:

Respond and resolve cybersecurity incidents, and proactively prevent reoccurrence of these incidents. Apply advanced consulting or extensive technical expertise, including full industry knowledge. Develop innovative solutions to complex problems. Develops requirements from a program’s inception to its conclusion in the subject matter area for simple to moderately complex systems. Serves as Subject Matter Expert possessing in-depth knowledge or skills in a particular area such as information technology, telecommunications, security/cyber security operations, computer science engineering, software, mathematics, hardware, materials, business, state of the art technologies or program related subject matter. Support the team leadership for the incident response, digital forensics, and threat intelligence team.

Essential Functions, Responsibilities & Duties may include, but are not limited to:
8+ years of experience with Incident Response in a leadership role, in a computer investigative role or on an incident response team
Experience with conducting highly technical examinations, analysis, and reporting of computer-based evidence for security incidents or investigations, and documenting incidents from initial detection through final resolution
Knowledge of digital investigations and incident response processes, including detection, triage, incident analysis, remediation, and reporting
Knowledge of information security, threats, attacks, vulnerabilities, techniques, and exploits
Ability to troubleshoot difficult problems and apply root cause analysis
Ability to secure handling of digital evidence and matter confidentiality
Ability to analyze data, including logs or packets captures, from various sources within the enterprise and draw conclusions regarding past and future security incidents
Ability to coordinate with and act as subject matter expert to resolve incidents by working with other information security specialists to correlate threat assessment data to maintain and expand information security metrics
Experience with various security tools including Tenable Nessus, Qualys, FireEye HX, Email Threat Protection (ETP), Palo Alto Firewalls, Mandiant Security Validation, AirWatch, and others
Secret clearance required

Work Experience, Knowledge, Skills & Abilities:
Experience with programming and scripting, including Python, Perl, Bash, PowerShell, or C++
Experience in working with Cloud Platforms
Experience in a consulting environment and clearly communicating technical subjects to clients
Experience with digital investigations, including computer forensics, network forensics, eDiscovery, malware analysis, or memory analysis
Experience with Agile methodologies
Knowledge of IT and OT environments, including enterprise, hybrid, and cloud
Ability to discover and support new analytic methods for detecting threats
Ability to provide process improvements suggestions to customers
Ability to author clear and concise reports and review and QA team member submissions
DoD 8570 IAT Level II or III Certification

Working Environment & Conditions

This position is primarily indoors, consistent with a standard office position and has a noise level of mostly low to moderate. The incumbent is required to stand; walk; sit; use hands to finger, handle, or feel objects, tools, or controls; reach with hands and arms; talk and hear. The workload may require the incumbent to sit for extended periods of time. The incumbent must be able to read, do simple math calculations and withstand moderate amounts of stress. The incumbent must occasionally lift and/or move up to 25 lbs. Specific vision abilities required by the job include close vision, distance vision, color vision, depth perception, and the ability to adjust focus.

Our Equal Employment Opportunity Policy

The company is an equal opportunity employer. The company shall not discriminate against any employee or applicant because of race, color, religion, creed, sex, sexual orientation, gender, or gender identity (except where gender is a bona fide occupational qualification), national origin, age, disability, military/veteran status, marital status, genetic information, or any other factor protected by law. We are committed to equal employment opportunity in all decisions related to employment, promotion, wages, benefits and all other privileges, terms, and conditions of employment.

The company is dedicated to seeking all qualified applicants. If you require an accommodation to navigate or to apply to a position on our website, please contact Heaven Wood via e-mail at or by calling 703-488-9377 to request accommodations. This contact information is used for accommodation requests only and cannot be used to inquire on a status of your application.

KMS is an 8(a) certified company, is a wholly owned subsidiary of Koniag, Inc., an Alaska Native Regional Corporation and part of the Koniag Government Services Sector. KMS provides a range of professional services for cyber intelligence and information technologies capabilities to the Federal Government, Civilian, and commercial markets to further the nation’s national security and civilian service missions. KMS addresses some of our country’s most pressing challenges in the areas of Cyber Intelligence, Business Analysis, Emergency Preparedness and Contingency Planning.

Equal Opportunity Employer/Veterans/Disabled. Shareholder Preference in accordance with Public Law 88-352

Job Overview
  • Region

  • Receive job alerts:
    Your subscription could not be saved. Please try again.
    Your subscription has been successful.

    By subscribing below, you acknowledge that your email address will be transferred to Sendinblue for processing in accordance with their terms of use

Receive job alerts:

Your subscription could not be saved. Please try again.
Your subscription has been successful.

We use Sendinblue as our marketing platform. By Clicking below to submit this form, you acknowledge that the information you provided will be transferred to Sendinblue for processing in accordance with their terms of use