• Lead position in analyzing clinical, business and/or technical processes and problems • Provides advanced technical expertise in identifying, evaluating and developing systems and procedures • Gathers and works with departments to prioritize development initiatives and activities • Manages system upgrades and large projects • Responsible for oversight of assigned Epic modules, workflows and system configuration

Role Description The Incident Response Engineer, Senior provides senior-level technical leadership for resolving complex IT incidents that affect mission-critical services in a federal enterprise environment. The role leads deep end-to-end investigations through advanced observability, telemetry analysis, and cross-layer dependency mapping to isolate root causes and validate durable fixes. This position partners closely with incident managers and senior coordinators, engineering, and problem/change management teams to coordinate major events, shape incident response strategy, and elevate diagnostic practices across the operations organization. The senior engineer also drives continuous improvement by refining runbooks, tuning detection and alerting, and mentoring other responders to improve resilience and reduce time to restore. Key Responsibilities - Technical Lead: Lead complex investigations from scoping through closure; drive hypothesis-based troubleshooting; validate permanent fixes across distributed systems. - Observability & Diagnostics: Use modern monitoring/SIEM/observability to correlate metrics, traces, logs; distinguish symptoms from root causes; map impacts across infra/app/network/identity. - Runbooks & Automation: Design/refine technical runbooks; implement scripts/orchestration to standardize responses and reduce manual effort; codify remediation/verification checks. - SRE & Architecture Integration: Translate incident insights into capacity planning, reliability metrics, and service design changes; partner with platform/reliability engineering teams. - Technical PIRs & Coaching: Produce high-quality technical PIRs for engineers/executives; mentor responders in tools, diagnostics, documentation discipline, and IM practice adherence. - Cyber IR Interface: Coordinate with SOC/cyber responders when security indicators emerge; align IT ops IR and cyber IR workflows without compromising restoration velocity/safety. - Technical Mentoring: Coach incident responders and operations staff, raising the bar on diagnostic techniques, tool usage, documentation discipline, and adherence to incident management practices. Qualifications - Bachelor’s degree in Information Technology, Computer Science, Business Administration, or related field, or equivalent relevant work experience. - Minimum of 8 years of experience in incident management, IT operations, reliability engineering, or related IT roles, including frequent responsibility for leading complex, multi-system incident resolution. - Strong mastery of ITIL-aligned incident management principles and best practices, with demonstrated experience coordinating major incidents in a large enterprise or federal IT environment. - Advanced proficiency with incident management tools and modern monitoring/observability platforms used for log analysis, performance monitoring, and alerting. - Proven ability to manage multiple complex incidents concurrently, synthesize technical information quickly, and communicate clearly and confidently with both technical teams and leadership. - Active or obtainable SECRET clearance and U.S. citizenship, with the ability to satisfy all applicable federal suitability and security requirements. Preferred Qualifications - Background leading incident response in large-scale, cloud-centric, or hybrid environments, including ownership of cross-team technical coordination and complex investigations. - Advanced incident response, cybersecurity, or IT service management certifications (such as higher-level ITIL, incident-response-oriented, or security certifications). - Experience embedding incident insights into site reliability engineering practices, including error budgeting, reliability metrics, and capacity planning. - Demonstrated success building and refining automation for common remediation actions and verification checks. Compensation Ranges Compensation ranges for ASM Research positions vary depending on multiple factors; including but not limited to, location, skill set, level of education, certifications, client requirements, contract-specific affordability, government clearance and investigation level, and years of experience. The compensation displayed for this role is a general guideline based on these factors and is unique to each role. Monetary compensation is one component of ASM's overall compensation and benefits package for employees. EEO Requirements It is the policy of ASM that an individual's race, color, religion, sex, disability, age, sexual orientation or national origin are not and will not be considered in any personnel or management decisions. We affirm our commitment to these fundamental policies. All recruiting, hiring, training, and promoting for all job classifications is done without regard to race, color, religion, sex, disability, or age. All decisions on employment are made to abide by the principle of equal employment. Physical Requirements The physical requirements described in "Knowledge, Skills and Abilities" above are representative of those which must be met by an employee to successfully perform the primary functions of this job. Reasonable accommodations may be made to enable individuals with qualifying disabilities, who are otherwise qualified, to perform the primary functions. Disclaimer The preceding job description has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications required of employees assigned to this job.

• Perform hands-on security work across the stack: code reviews, threat modeling, vulnerability hunting, and remediation in production services • Own end-to-end remediation for complex findings: from exploit proof-of-concept to code-level fixes and automated CI checks • Build and maintain developer-first security tools, automation, and self-service capabilities (SAST rules, IaC scanning, dependency/OSS policies, CI/CD gates) • Lead threat modeling sessions and secure design reviews for new product initiatives and platform changes • Collaborate with SRE and Platform teams to harden runtimes, secrets management, identity, and authentication flows • Mentor and coach engineers on secure coding, secure-by-default patterns, and incident learnings • Contribute to security metrics and visibility (vulnerability backlog, mean time to remediate, coverage of automated tests)

• Conduct due diligence on security and IT components of potential acquisitions, partnerships, and vendor engagements • Lead integration of IT systems and security practices for acquired companies • Drive unique security and IT workstreams across M&A transactions • Partner with Security, IT, Engineering, Corporate Development, and Product leaders to align on requirements, timelines, and execution plans