Senior Cybersecurity Incident Response Specialist
Company: BERING STRAITS PROFESSIONAL SERVICES LLC
Location: Macon
Posted on: February 17, 2026
Job Description:
SUMMARY
Bering Professional Services (BSPS), a company within the BSNC family, is currently seeking a Senior Cybersecurity Incident Response Specialist to work with our federal client. The ideal candidate for this job will serve as an incident responder on the federal agency client’s in-house Security Operations Center (SOC) team within the client’s Cybersecurity Division – Cyber Integration Center. A highly motivated individual with strong technical, communication, and analytical skills will succeed on this program.

ESSENTIAL DUTIES & RESPONSIBILITIES
The Essential Duties and Responsibilities are intended to present a descriptive list of the range of duties performed for this position and are not intended to reflect all duties performed within the job. Other duties may be assigned.
· Member of the SOC team, which provides 24 hours per day, 7 days per week, 365 days per year monitoring and incident response services for the organization’s Network, Systems, Applications, and Web services.
· Provide senior-level cybersecurity incident response expertise in support of the client’s Incident Response processes and procedures.
· Develop operational baselines such as data flows and application interactions to enhance the SOC’s ability to respond to incidents.
· Prepare and manage playbooks and relevant scenarios, in addition to narratives and visual diagrams, and review them continuously, in compliance with NIST SP 800-61 and Government guidance.
· Follow current guidance from NIST SP 800-61, Federal Incident Notification Guidelines, CISA’s Incident Response and Vulnerability Playbook, and client guidance.
· Monitor system status and sensor data from deployed sensors and triage for validity from the Security Information and Event Management (SIEM) System, email, texts, phone calls and all enterprise-managed dashboards.
· Analyze all sources, including network traffic, identity, fault, performance, and bandwidth information, alerts and data, to augment detection of network anomalies and unauthorized activity.
· Meet regularly with client stakeholders to develop content, analytic rules, alerts, dashboards and automation, and identify ways to improve the availability and efficiency of the client’s incident response program.
· Categorize, prioritize, and report on cybersecurity events in accordance with (IAW) SOPs and other relevant policy documents.
· Implement cybersecurity mitigations leveraging client tools and systems.
· Create and escalate cybersecurity-related investigations to both internal and external entities, such as DHS or other Government Agencies, within client- and Federal-defined timelines.
· Manage, coordinate, and respond to FOIA, audits, data calls, e-discovery and information requests.
· Schedule and execute incident response tabletop exercises with each client FISMA system on an annual basis.
· Review and handle phishing messages reported by client staff.

QUALIFICATIONS - EXPERIENCE, EDUCATION AND CERTIFICATION
To perform this job successfully, an individual must be able to satisfactorily perform each essential duty. The requirements listed below are representative of the knowledge, skill and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Required (Minimum Necessary) Qualifications
· High School or GED (General Educational Development) Diploma
· Bachelor’s degree in computer science or equivalent is preferred
· Minimum of five years hands-on experience
· Proven experience detecting, triaging, and responding to cyber incidents across enterprise networks and cloud environments.
· Proficiency with SIEM, EDR/XDR platforms, and forensic tools.
· Strong understanding of threat actor TTPs, the MITRE ATT&CK framework, and incident containment strategies.
· Ability to analyze network traffic, logs, and endpoint telemetry to identify malicious activity.
· Familiarity with malware analysis, reverse engineering basics, and memory analysis concepts.
· Experience developing and tuning detection rules, playbooks, and automated response workflows.
· Working knowledge of incident response frameworks (e.g., NIST SP 800-61, SANS).
· Understanding of vulnerability management, threat intelligence integration, and SOC metrics/reporting.
· Understanding of basic computer and networking technologies:
  o Windows and Linux/Unix operating systems
  o Networking technologies (routing, switching, VLANs, subnets, firewalls)
  o Common networking protocols – SSH, SMB, SMTP, FTP/SFTP, HTTP/HTTPS, DNS, etc.
  o Common enterprise technologies – Active Directory, Group Policy, and the Microsoft Azure suite of cloud services
  o Understanding of current system logging technology and retrieving information from a wide range of technology platforms

Knowledge, Skills, Abilities, and Other Characteristics
· Ability to work well in a team environment.
· Self-starter with the ability to work with little supervision.
· Willingness to take on and adapt to new, open-ended tasks for which there is no current standard operating procedure.
· Ability to research independently and self-teach.
· Strong analytical and decision-making skills under pressure.
· Excellent written and verbal communication, including incident documentation and executive briefings.
· Ability to lead investigations, mentor junior analysts, and collaborate with cross-functional teams.

Preferred
· Interest in security/hacking culture; ability to “think like an attacker”.
· General cybersecurity certifications (one or more of the following preferred):
  o CompTIA Security+
  o CompTIA Cybersecurity Analyst (CySA+)
  o Certified Ethical Hacker (CEH)
  o GIAC Certified Incident Handler (GCIH)
· Any cloud security certification, especially:
  o CompTIA Cloud+
  o Certified Cloud Security Professional (CCSP)
  o Cloud Security Alliance Certificate of Cloud Security Knowledge (CCSK)
· Any Microsoft 365/Azure cybersecurity certification, especially:
  o Microsoft Certified: Security Operations Analyst Associate (SC-200)
  o Microsoft Certified: Security, Compliance, and Identity Fundamentals (SC-900)
  o Microsoft Certified: Azure Fundamentals (AZ-900)
  o Microsoft Certified: Azure Security Engineer Associate (AZ-500)
· Familiarity with the Microsoft 365 and Microsoft Azure suite of products, including Microsoft Sentinel and Microsoft 365 Defender.
· Knowledge of common enterprise technologies, policies, and concepts such as:
  o Microsoft Sentinel SIEM
  o Kusto Query Language (KQL)
  o Mobile device technologies (iOS, Android)
  o Scripting experience (PowerShell, Python, etc.)
  o Microsoft Power BI
  o Azure DevOps
· Artificial Intelligence (AI) / Machine Learning (ML) expertise:
  o In-depth knowledge of AI and ML concepts
  o How to practically apply AI/ML technologies to enhance cyber threat hunting and incident response capabilities
  o Experience with specific AI services offered within Microsoft Azure

NECESSARY PHYSICAL REQUIREMENTS
Essential and marginal functions may require maintaining the physical condition necessary for bending, stooping, sitting, walking or standing for prolonged periods of time; most of the time is spent sitting in a comfortable position with frequent opportunity to move about.

DOT COVERED/SAFETY-SENSITIVE ROLE REQUIREMENTS
· This position is not subject to federal requirements regarding Department of Transportation “safety-sensitive” functions.

WORK ENVIRONMENT
The work environment characteristics described here are representative of those that must be borne by an employee to successfully perform the essential functions of this job. The job is performed in an office setting with exposure to computer screens and requires extensive use of a computer, keyboard, mouse, and multi-line telephone system. The work described herein is primarily in a modern office setting. Occasional travel may be required.

SUPERVISORY RESPONSIBILITIES
· No supervisory responsibilities.

ADDITIONAL QUALIFYING FACTORS
As a condition of employment, you will be required to pass a pre-employment drug screening and have acceptable background check results. If applicable to the contract, you must also obtain the appropriate clearance levels required and be able to obtain access to military installations.

Shareholder Preference
BSNC gives hiring, promotion, training, and retention preference to BSNC shareholders, shareholder descendants and shareholder spouses who meet the minimum qualifications for the job. Bering Straits Native Corporation is an equal opportunity employer. All applicants will receive consideration for employment without regard to any status protected by state or federal law, or any other basis prohibited by law.