Be part of a team that unleashes the power of leading-edge technologies to help improve the health and well-being of those most vulnerable in our country and communities. Working at Gainwell carries its rewards. You’ll have an incredible opportunity to grow your career in a company that values work flexibility, learning, and career development.
Requirements
- 7–10+ years of overall IT/security experience, including 4–6+ years in incident response, SOC, threat hunting, or security operations.
- Demonstrated experience leading investigations across common incident types (credential theft, malware/ransomware, web exploitation, data exposure, cloud/identity abuse).
- Strong working knowledge of:
  - Enterprise logging and detection (e.g., Splunk or similar SIEM)
  - Incident workflow/case management (e.g., ServiceNow or comparable platforms)
  - Identity and access patterns (AD/Azure AD concepts, authentication logs, privilege pathways)
  - Network security fundamentals (firewalls, proxies, segmentation, VPN access patterns)
- Proven ability to analyze log sources and security telemetry to reconstruct attack paths and identify blast radius.
- Working knowledge of industry frameworks and standards such as NIST 800-61 (Incident Response), MITRE ATT&CK, and common secure operations practices.
- Strong written and verbal communication skills, including executive-ready incident summaries and technically detailed incident reports.
- Ability to participate in an on-call rotation and respond effectively during high-severity events.
Benefits
- Generous, flexible vacation policy
- 401(k) employer match
- Comprehensive health benefits
- Educational assistance
- Leadership and technical development academies