1

Cyber Detective Jobs (NOW HIRING)

Position Overview The Cyber Threat Hunter proactively protects enterprise environments from ... This role directly supports a proactive SOC model by contributing to detection engineering ...

You'll help shape detection algorithms and actionable alerts by applying practical SOC experience ... This is a full-time position with the Leidos Cyber Electromagnetic Activity (CEMA) team that is ...

New

Provide 12x5 operational coverage and after‑hours on‑call support to detect, analyze, and mitigate advanced cyber threats * Conduct advanced packet‑level traffic analysis and reconstruct ...

The selected candidate will author custom detection analytics and hunt tooling, execute proactive ... Execute proactive cyber threat hunting operations across the DoDIN-A using custom-developed ...

The selected candidate will author custom detection analytics and hunt tooling, execute proactive ... Execute proactive cyber threat hunting operations across the DoDIN-A using custom-developed ...

Cyber Analyst

Huntsville, AL · On-site

$87K - $157K/yr

Description Leidos has a new and exciting opportunity for a Mid-Level Defensive Cyber Software ... Detection Engineering & Tuning analyzing false positives/negatives and providing feedback to ...

New

next page

Showing results 1-20

Cyber Detective information

See salary details

$60.5K

$144.5K

$192.5K

How much do cyber detective jobs pay per year?

As of Jul 4, 2026, the average yearly pay for cyber detective in the United States is $144,461.00, according to ZipRecruiter salary data. Most workers in this role earn between $121,500.00 and $164,000.00 per year, depending on experience, location, and employer.

What is the difference between Cyber Detective vs Cyber Security Analyst?

AspectCyber DetectiveCyber Security Analyst
Required CertificationsCertified Cyber Crime Investigator, CISSP (optional)CISSP, CompTIA Security+
Work EnvironmentInvestigations, law enforcement agencies, private firmsCorporate IT departments, security firms
Primary FocusDetecting and investigating cyber crimesPreventing, monitoring, and responding to security threats
Industry UsageLaw enforcement, private investigation

While both roles involve cybersecurity, a Cyber Detective primarily investigates cyber crimes and breaches, often working with law enforcement. In contrast, a Cyber Security Analyst focuses on protecting systems proactively through monitoring and implementing security measures. Both roles require technical skills, but their daily tasks and objectives differ significantly.

More about Cyber Detective jobs
What states have the most Cyber Detective jobs? States with the most job openings for Cyber Detective jobs include:
Infographic showing various Cyber Detective job openings in the United States as of June 2026, with employment types broken down into 60% Full Time, 20% Part Time, and 20% Contract. Highlights an 95% Physical, 1% Hybrid, and 4% Remote job distribution, with an average salary of $144,461 per year, or $69.5 per hour.
Cyber Incident Manager III

Cyber Incident Manager III

Argo Cyber Systems

Arlington, VA • On-site

Full-time

Posted 11 days ago


Job description

Cyber Incident Manager

Location: Washington Dc Metro Area (On-Site)

Citizenship: US only

Clearance: Active TS/SCI (DHS EOD Suitability required)
Company: Argo Cyber Systems, LLC - Service-Disabled Veteran-Owned Small Business (SDVOSB)


About Argo Cyber Systems

Argo Cyber Systems provides mission-critical cybersecurity support to U.S. Government agencies and critical infrastructure owners nationwide. Our teams deliver rapid incident response, advanced forensics, and coordinated recovery operations to protect vital systems from evolving cyber threats. We combine technical precision with operational agility-helping federal partners identify, contain, and recover from complex cyber incidents with speed and confidence.


Position Overview

Argo Cyber Systems is seeking a Cyber Incident Manager to lead onsite incident response operations for a U.S. Government customer. The selected candidate will coordinate and execute incident handling, forensic triage, and threat mitigation activities for large-scale, high-impact cyber events. This role is part of a 247 incident response capability that provides immediate investigation, containment, and recovery support to federal civilian agencies and critical infrastructure entities.


Key Responsibilities
  • Direct and coordinate incident response activities across diverse environments-ensuring rapid containment, accurate impact assessment, and effective recovery.

  • Correlate and analyze incident data to identify patterns, trends, and emerging threats.

  • Perform triage and scoping of cyber incidents to determine severity, urgency, and operational impact.

  • Apply Defense-in-Depth principles and best practices to strengthen enterprise resilience.

  • Investigate indicators of compromise (IOCs), malware behavior, and intrusion vectors using host and network data.

  • Research and document resolution steps, mitigations, and workarounds for ongoing or recurring incidents.

  • Develop and maintain incident response procedures and playbooks aligned with NIST SP 800-61 Rev.2 and FISMA reporting requirements.

  • Monitor external intelligence sources and threat feeds to maintain situational awareness of current threat conditions.

  • Track, document, and brief incident lifecycle progress from detection through closure, ensuring accurate reporting and escalation to senior stakeholders.

  • Collaborate with cross-functional teams-including threat analysts, forensics personnel, SOC operators, and federal incident coordinators-to provide unified, mission-focused response.


Required Qualifications
  • U.S. Citizenship

  • Active TS/SCI clearance (must be able to obtain DHS EOD Suitability)

  • 5+ years of directly relevant experience in cyber incident management, SOC operations, or DFIR roles

  • Strong understanding of incident response methodologies, frameworks, and reporting requirements under NIST SP 800-61 and FISMA

  • Demonstrated ability to analyze, prioritize, and document incidents within enterprise or federal environments

  • Solid grasp of attack lifecycle stages and common adversary tactics (reconnaissance, exploitation, privilege escalation, persistence, exfiltration, etc.)

  • Knowledge of system administration, OS hardening, and defensive security controls across Windows, Linux, and hybrid environments

  • Familiarity with CND policies, procedures, and regulatory frameworks

  • Understanding of threat actor typologies (e.g., opportunistic, organized criminal, nation-state) and their operational tradecraft

  • Excellent written and verbal communication skills for technical and executive reporting


Desired Qualifications
  • Proficiency with SIEM, EDR, and network forensic tools (e.g., Splunk, SentinelOne, Elastic, Wireshark)

  • Experience conducting or managing shift-based or 247 cyber operations

  • Advanced knowledge of malware analysis, log correlation, and network defense methodologies

  • Familiarity with incident ticketing and tracking systems (e.g., ServiceNow, Jira, Remedy)

  • Strong analytical mindset and ability to lead during high-pressure operational events


Education
  • Bachelor's Degree in Cybersecurity, Information Systems, Computer Science, or related discipline
    or

  • High School Diploma with 7-9 years of relevant incident management or cybersecurity experience


Preferred Certifications
  • GCIH, GCFA, GISP, GCED, CCFP, CISSP, or equivalent


Additional Information
  • Shift work position; schedule determined upon start.

  • ECP-1 rates apply.

  • Must be available for onsite support during active incidents or surge operations.


Why Join Argo

As part of Argo Cyber Systems, you will serve at the forefront of national cyber defense-protecting civilian agencies and high-value assets from persistent and emerging threats. You'll join a veteran-founded, mission-driven team dedicated to operational excellence, collaboration, and innovation in the cyber domain.