Position Details

    Job Details

    Position:  Incident Response Specialist, TS/SCI Clearance Required, Wallops Island, VA
    Posted:   06/20/2023

    GRIMM Cyber, a market leader in offensive and defensive tailored cyber security solutions for commercial and government applications, is hiring Incident Response Specialists to help defend NASA enterprise networks against global cyber threats. Since 2013, GRIMM has delivered cybersecurity testing and research to harden avionics and satellite platforms, commercial products and applications, and Federal IT networks to improve cyber resilience. We are looking to grow our team of cyber security professionals committed to client excellence, professional development, and growing technical knowledge for real-world applications.

    Incident Response (IR) Specialists will provide full-spectrum support to all aspects of NASA’s Security Operations Center’s (SOC) IR mission including activities such as incident identification, containment, recovery, eradication, investigation, analysis, reporting, and follow-up on all cybersecurity incidents, privacy or CUI breaches that affect the agency. Team members will provide services to protect, detect and respond to unauthorized activities affecting NASA information, information systems, and networks.

    Once selected, team members will:

    • Implement system security measures in accordance with established procedures to ensure confidentiality, integrity, availability, authentication, and non-repudiation

    • Assist the Government in coordinating NASA’s response to agency-wide and/or significant cyber incidents and providing oversight for this service 

    • Ensure cybersecurity-enabled products or other compensating security control technologies reduce identified risk to an acceptable level

    • Review cyber intelligence threats reports, including but not limited to, SOC MARs, SOC SARs, and DHS/CISA Emergency Directives and take appropriate actions 

    • Provide analysis reports to potentially affected organizations in accordance with NASA’s guidance to ensure complete, effective, and resource-efficient mitigation strategies  

    • Develop and deliver initial and final incident reports in accordance with DHS/CISA Federal Incident Notification Guidelines, NASA Incident Response Management IT Security Handbook, NIST SP 800-6

    • Develop and provide after-action incident reports, including root cause analysis, lessons learned, etc., as requested

    • Mitigate/correct security deficiencies identified during security/certification testing and/or recommend risk acceptance for the appropriate senior leader or authorized representative

    • Maintain all technical details, reports, and incident status, and document all required incident response information in incident reports in NASA’s authoritative incident management system. Document all incident response activities in NASA’s authoritative incident management system

    • Assist the Government in developing requirements and configurations for NASA’s authoritative incident management system and other IR tools and applications

    • Prepare detailed reports, assessments, presentations, and briefings on cybersecurity incidents, the results of analyses, and recommendations as requested

    • Recommend rules and policies (including defining the events to log) for Incident Detection and Incident Response tools and applications

    • Support the development of weekly, monthly, quarterly, and annual incident response trends and metrics

    • Develop procedures and test fail-over for system operations transfer to an alternate site based on system availability requirements



    • Bachelor's Degree with 12 years of professional experience

    • US Citizenship required

    • Active TS/SCI security clearance with the ability to obtain and maintain a favorably adjudicated NASA background investigation

    • Demonstrated understanding of cyber attacks and potential impacts against enterprise IT systems for IR, mitigation, and recovery efforts

    • One or more DoD 8570.01-M Approved Baseline Certifications (e.g., Network+, CySA+, CISSP, GSEC, etc.)

    • Must be able to work onsite in work location shown below


    Location: Wallops Island, VA 23337. Due to the hands-on nature of much of our work, preference is for candidates already located in or willing to relocate at your own expense to the work location. 


    Why GRIMM?

    GRIMM offers a comprehensive, total rewards package that includes competitive compensation and a flexible benefits package that reflects our commitment to creating a diverse and supportive workplace.

    • Work with a team of skilled people who think hacking is fun

    • Medical/dental/vision insurance that begins on Day 1

    • $0 premium option for Medical, Dental and Vision for you and your dependents 

    • 401(K) Retirement Plan with a 5% company match and no vesting period

    • Health & Dependent Care Flexible Spending accounts are available options

    • Paid Parental Leave

    • 11 paid holidays a year - including MLK Day, Juneteenth, Indigenous People's Day, and Veteran's Day

    GRIMM is a pioneering cybersecurity organization led by business-savvy experts. Our services are informed by extensive experience working with advanced threats, discovering critical vulnerabilities, and demonstrating meaningful solutions for advanced problems. Our insight is built on operational experience in solving the most challenging cybersecurity problems. Our engineers, researchers, and exploit mitigation experts actively hunt for unknown and undocumented threats.

    GRIMM works with government and commercial clients from various industries, services, and specialties that require the ability to uncover security gaps and areas of exposure at every level. Learn more about us at grimmcyber.com.

    GRIMM promotes a Drug-Free Workplace, is an Equal Opportunity Employer, and is an Affirmative Action Employer. We participate in E-Verify.



    You have selected the following position to apply for:



    How did you hear about GRIMM?
    Source   Other

    Are you authorized to work in the US?

    What is your security clearance level?
    Select   If other please enter here:

    Additional Information
    Select If you would like to share anything else please do so here:


    You have selected the following position to apply for:


    Form CC-305   
    Page 1 of 1   

    Voluntary Self-Identification of Disability

    OMB Control Number 1250-0005
    Expires 04/30/2026


    Why are you being asked to complete this form?

    We are a federal contractor or subcontractor. The law requires us to provide equal employment opportunity to qualified people with disabilities. We have a goal of having at least 7% of our workers as people with disabilities. The law says we must measure our progress towards this goal. To do this, we must ask applicants and employees if they have a disability or have ever had one. People can become disabled, so we need to ask this question at least every five years.

    Completing this form is voluntary, and we hope that you will choose to do so. Your answer is confidential. No one who makes hiring decisions will see it. Your decision to complete the form and your answer will not harm you in any way. If you want to learn more about the law or this form, visit the U.S. Department of Labor's Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.


    How do you know if you have a disability?

    A disability is a condition that substantially limits one or more of your “major life activities.” If you have or have ever had such a condition, you are a person with a disability. Disabilities include, but are not limited to:



    Alcohol or other substance use
    disorder (not currently using
    drugs illegally)


    Autoimmune disorder, for
    example, lupus, fibromyalgia,
    rheumatoid arthritis, HIV/AIDS


    Blind or low vision


    Cancer (past or present)


    Cardiovascular or heart


    Celiac disease


    Cerebral palsy



    Deaf or serious difficulty







    Disfigurement, for example,
    disfigurement caused by burns,
    wounds, accidents, or congenital


    Epilepsy or other seizure disorder


    Gastrointestinal disorders, for example,
    Crohn's Disease, irritable bowel


    Intellectual or developmental disability


    Mental health conditions, for example,
    depression, bipolar disorder, anxiety
    disorder, schizophrenia, PTSD


    Missing limbs or partially missing limbs


    Mobility impairment, benefiting from the
    use of a wheelchair, scooter, walker,
    leg brace(s) and/or other supports



    Nervous system condition, for example,
    migraine headaches, Parkinson's
    disease, multiple sclerosis (MS)


    Neurodivergence, for example,
    attention-deficit/hyperactivity disorder
    (ADHD), autism spectrum disorder,
    dyslexia, dyspraxia, other learning


    Partial or complete paralysis (any


    Pulmonary or respiratory conditions, for
    example, tuberculosis, asthma,


    Short stature (dwarfism)


    Traumatic brain injury



    Please check one of the boxes below:


    PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.



    Addtional Document

    Addtional Documents


    Thank you for your interest in our company! You have successfully applied for the following position: