ECS is seeking an Operations/Incident Response Support Lead to work in our Boyers, PA office Please Note: This position is contingent upon [contract award].

Job Description:

We are seeking an experienced Operations/Incident Response Lead to ensure the management of SLA requirements on trouble tickets. The ideal candidate will have a proven track record of successfully leading teams within enterprise environments. They will possess strong skills in producing technical documents and engineering diagrams, along with excellent written and verbal communication abilities. The role requires a team-focused individual with a solid understanding of Office 365 and Windows Server. The candidate will play a crucial role in coordinating and directing response efforts to mitigate and resolve incidents efficiently.

Required Skills:

• Minimum 5 years of experience.
• Experience leading an incident response team.
• Experience managing SLA requirements on trouble tickets.
• Demonstrable history of successfully leading an incident response team in an enterprise environment.
• Skilled at producing technical documents and engineering diagrams.
• Strong written and verbal communication skills.
• Team-focused and collaborative.
• Strong understanding of Office 365.
• Strong understanding of Windows Server.

Desired Skills:

• Provide 24/7/365 incident response and handling for network, cybersecurity, and application monitoring events.
• Proactively monitor, detect, analyze, respond, and report on events and incidents in accordance with Federal laws, policies, regulations, standards, and guidelines.
• Receive alerts and notifications of anomalous and suspicious activity via automated tools, user reports, and external reporting.
• Perform continuous monitoring of all agency IT systems and information assets.
• Investigate alerts, conduct incident triage, perform root cause analyses, and execute incident response actions to resolve issues and minimize harm.
• Provide core hours support between 6 a.m. to 6 p.m. Monday–Friday.
• Maintain on-call availability 24/7/365 to support OPM Incident Response processes and activities.
• Provide senior-level cybersecurity incident response expertise.
• Validate escalated incidents from Managed Services Providers.
• Monitor system status and sensor data from SIEM systems, email, texts, phone calls, and managed dashboards.
• Analyze network traffic, identity, fault, performance, and bandwidth information to detect anomalies and unauthorized activity.
• Collaborate with OPM stakeholders to develop content, analytic rules, alerts, dashboards, and automation for improving IR program efficiency.
• Categorize, prioritize, and report on cybersecurity events in accordance with SOPs and relevant policies.
• Implement cybersecurity mitigations using OPM tools and systems.
• Develop operational baselines for data flows and application interactions to enhance incident response capabilities.
• Prepare and manage playbooks and scenarios, ensuring compliance with NIST SP 800-61 and OPM guidance.
• Lead daily operations situational reports and communications.
• Review and handle phishing messages reported by OPM staff.
• Coordinate and escalate cybersecurity-related investigations to internal and external entities, including DHS and other Government Agencies, within defined timelines.
• Schedule and conduct annual incident response tabletop exercises with each OPM FISMA system.
• Develop and maintain procedures and playbooks for broad incident response efforts involving other OPM groups.

ECS is an equal opportunity employer and does not discriminate or allow discrimination on the basis of race, color, religion, sex, age, sexual orientation, gender identity or expression, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, status as a crime victim, disability, protected veteran status, or any other characteristic protected by law. ECS promotes affirmative action for minorities, women, disabled persons, and veterans.

ECS is a leading mid-sized provider of technology services to the United States Federal Government. We are focused on people, values and purpose. Every day, our 3800 employees focus on providing their technical talent to support the Federal Agencies and Departments of the US Government to serve, protect and defend the American People.