Role Description The Cybersecurity Incident Response Engineer, Jr. monitors enterprise security tools and logs to detect, analyze, and triage potential cybersecurity threats targeting mission‑critical systems and data. The role performs initial investigations, distinguishes false positives from genuine incidents, and escalates significant events to senior analysts or incident responders as appropriate. The analyst supports basic containment and response actions, documents events and findings, and helps fine‑tune security controls to improve detection fidelity in a highly regulated federal IT environment. - Monitor SIEM and other security tooling to review events, correlate logs from multiple sources, and identify suspicious patterns that may indicate cybersecurity threats or policy violations. - Perform Tier 1 alert triage by validating alert context, determining severity and potential impact, filtering out false positives, and generating well-documented tickets for escalation. - Assist with incident response activities, including gathering evidence, capturing indicators of compromise, and supporting containment and recovery steps under guidance of senior analysts. - Document investigations thoroughly, including timelines, data sources reviewed, actions taken, and handoffs, to support audit requirements and follow-on analysis. - Maintain familiarity with common security technologies such as firewalls, IDS/IPS, endpoint protection, and vulnerability scanners, and interpret how their alerts surface within SOC tools. - Follow established SOC standard operating procedures, playbooks, and reporting formats, and contribute feedback to improve them as detection and response capabilities mature. - Support continuous tuning of rules, use cases, and dashboards to reduce noise, enhance detection accuracy, and improve visibility into the client environment. - Collaborate with IT, operations, and risk teams to align monitoring and response activities with cybersecurity policies, regulatory expectations, and mission priorities. Qualifications - Bachelor’s degree in IT, Computer Science, Cybersecurity, or related field, or equivalent relevant experience. - 0–3 years of experience in cybersecurity, IT operations, or related technical roles with exposure to security monitoring and incident triage. - Foundational understanding of cybersecurity concepts, common attack techniques, and the role of a security operations center in detection and response. - Hands-on familiarity with security tools such as SIEM, firewalls, IDS/IPS, endpoint protection, or vulnerability scanners, and ability to interpret basic alerts and logs. - Active SECRET clearance or ability to obtain and maintain required clearance. - U.S. citizenship required to support federal information security requirements. - Strong analytical, problem-solving, communication, and teamwork skills, with the ability to manage multiple alerts and tasks in a fast-paced SOC environment. Requirements - Experience working in or supporting a 24x7 SOC environment, including shift work and effective handoff practices for ongoing incidents. - Entry-level security certifications such as Security+, CySA+, or similar that validate core defensive operations knowledge. - Experience following or implementing documented playbooks, runbooks, or standard operating procedures in a security or IT operations context. - Familiarity with federal cybersecurity policies, control frameworks, or agency-specific security requirements. Benefits - Compensation ranges for ASM Research positions vary depending on multiple factors; including but not limited to, location, skill set, level of education, certifications, client requirements, contract-specific affordability, government clearance and investigation level, and years of experience. - The compensation displayed for this role is a general guideline based on these factors and is unique to each role. - Monetary compensation is one component of ASM's overall compensation and benefits package for employees.

• Sales and management experience leading a team of senior sales people • Day to day personnel management, pipeline development, territory planning, account planning, forecasting, quota attainment, sales presentations, and short term, mid-term, long-term opportunity management. • Identify, develop and execute account strategy to close new Cloud Security business opportunities and expanding revenue with customers across the assigned region; independently and cooperatively. • Scope, negotiate and bring to closure agreements to exceed booking and revenue quota targets. • Target and gain access to decision makers in key prospect accounts in the assigned territory. • Collaborate with operative peers across functions (including the Field Sales, Channel, Marketing, Sales Operations, System Engineering, Services, Customer Support, and Product Development) to create visibility with target accounts and drive engagement of target prospects at both the individual contributor and executive level. • Work cooperatively within the partner ecosystem to leverage their established account presence and relationships. • Capture, maintain, and disseminate accurate and relevant prospect information using Salesforce.com/CLARI and other data analytics tools.

• Collaborates with the Cybersecurity and IAM teams to ensure secure onboarding and offboarding of applications into the SSO environment. • Designs or consults on the application integration approach to enable secure access/SSO. • Validates and maintains application integration configurations to meet cybersecurity and compliance requirements. • Assists in developing and ensuring alignment of implementations or changes with access control policies and security standards. • Supports audits and compliance reviews related to IAM and application integrations by facilitating responses via the proper SMEs. • Maintains the CI's that relate to federated applications in the Configuration Management Database (CMDB), ensuring application records are accurate, complete, and current. • Manages the application catalog to ensure all integrated applications are tracked with appropriate metadata (e.g., owners, contacts, technical details, integration type). • Leverages ServiceNow to manage requests, incidents, and changes related to application integrations and IAM processes. • Coordinates application onboarding and offboarding processes, including requirement gathering, integration configuration, testing, and documentation. • Works with application owners to ensure smooth transitions during onboarding/offboarding. • Maintains end-to-end lifecycle documentation for each application in scope. • Creates and maintains detailed documentation for application integrations, onboarding/offboarding procedures, and CMDB updates. • Gathers and analyzes enhancement requests from stakeholders, prioritizes them, and coordinates with technical teams for implementation. • Identifies opportunities to streamline IAM-related processes and improve integration workflows. • Assists in engineering modern applications that support the SSO integration intake process and application inventory. • Troubleshoots, develops, and supports in multiple IDPs including Entra ID and Shibboleth IDP. • Serves as On-Call rotation for IDP support as needed. • Performs other related duties as required.

• Be the Identity Security Guru: Serve as the primary technical authority for assigned clients, providing high-level technical guidance and strategic direction throughout their Saviynt journey. • Architect and Define Solutions: Lead the technical definition, scoping, and design of complex identity security solutions, translating intricate client requirements into robust, scalable Saviynt deployments. • Own the Technical Delivery: Take full ownership of the technical execution of SOWs, orchestrating the successful delivery of professional services. • Strategic Client Engagement: Conduct regular, in-depth technical reviews with customers, proactively identifying potential issues, optimizing their Saviynt environment, and ensuring maximum platform utilization and value realization. • Proactive Problem Solving: Monitor support requests and client environments to identify recurring technical patterns, championing product enhancements or process improvements within Saviynt to address systemic issues. • Drive Expansion & Adoption: Partner with account teams to identify and cultivate up-sell, cross-sell, and expansion opportunities by demonstrating how Saviynt can solve evolving identity security challenges and improve business outcomes. • Technical Enablement: Develop and deliver advanced technical demonstrations and training sessions for clients, ensuring they can independently leverage the full power of the Saviynt platform. • Internal Collaboration: Act as a critical liaison between clients, our Customer Professional Services (CPS) team, Engineering, and Product Management, ensuring client feedback drives product innovation and technical excellence. • Operational Excellence: Assist with regional services resourcing and forecasting, and manage timesheet and invoicing approvals, ensuring seamless operational flow.