Talent.com
Tier 2 Cyber Incident Response Team (CIRT) Shift Lead
Tier 2 Cyber Incident Response Team (CIRT) Shift LeadPeraton • Arlington, Texas, USA
Tier 2 Cyber Incident Response Team (CIRT) Shift Lead

Tier 2 Cyber Incident Response Team (CIRT) Shift Lead

Peraton • Arlington, Texas, USA
20 days ago
Job type
  • Full-time
Job description

Responsibilities

Peraton is seeking an experienced Tier 2 Cyber Incident Response Team (CIRT) Shift Lead to support a high-impact cybersecurity and technology program focused on securing global infrastructure and enabling innovative effective and secure business processes.

Location : Beltsville MD.

Work Hours : Days Shift 6 : 00 AM 2 : 00 PM Tuesday Saturday.

As a Cyber Incident Response Team Shift Lead you will :

  • Detect classify process track and report cybersecurity events and incidents.
  • Perform advanced analysis of Tier 1 alert triage and requests in a 24x7x365 environment.
  • Analyze logs from multiple sources to identify contain and remediate suspicious activity.
  • Characterize and assess network traffic to detect anomalous behavior and potential threats.
  • Conduct forensic analysis of host artifacts network traffic and email content.
  • Perform malware analysis to generate Indicators of Compromise (IOCs) and mitigate threats.
  • Collaborate with Department of State teams to analyze and respond to incidents.
  • Monitor and respond to the CIRT SOAR platform hotline and email inboxes.
  • Create tickets and initiate workflows in accordance with technical SOPs.
  • Coordinate and report incident details to the Cybersecurity and Infrastructure Security Agency (CISA).
  • Submit alert tuning requests to improve detection accuracy.

As a Tier 2 Shift Lead you will also :

  • Review all Tier 2 shift tickets for accuracy and completeness.
  • Coordinate remediation actions with CIRT Watch Officers and government leadership.
  • Recommend technical and procedural improvements to CIRT leadership.
  • Assist with technical interviews for Tier 2 candidates.
  • Ensure proper execution of coordinated remediation actions.

    • Qualifications

    Required Minimum Qualifications :

  • Bachelors degree and a minimum 9 years of relevant experiencerequired; 7 years with a Masters; or a High School diploma and 13 years of relevant incident response experience.
  • Must have a minimum of 6 years of Cyber specific experience with at least 4 years specifically in Incident Response.
  • Must possess one of the following certifications prior to start date :

    • CASP CE CCNA Cyber Ops CCNA-Security CCNP Security CEH CFR CISA CISSP (or Associate) Cloud CySA GCED GCIA GCIH GICSP SCYBER VCA DCV PPDA Agile IC or SNOW App Dev

  • Demonstrated experience in the Incident Response lifecycle.
  • Knowledge of SOAR ticketing and automated response systems (e.g. ServiceNow Splunk SOAR Microsoft Sentinel).
  • Demonstrated experience with using Security Information and Event Management (SIEM) platforms (e.g. Splunk Microsoft Sentinel Elastic Q-Radar).
  • Demonstrated experience in using Endpoint Detection and Response systems (e.g. MDE ElasticXDR CarbonBlack Crowdstrike).
  • Knowledge of cloud security monitoring and incident response.
  • Knowledge of integrating IOCs and Advanced Persistent Threat actors.
  • Ability to analyze cyber threat intelligence reporting and understanding adversary methodologies and techniques.
  • Knowledge of malware analysis techniques.
  • Knowledge of the MITRE ATT&CK and D3FEND frameworks.
  • Experience in managing and coordinating small teams.
  • U.S. Citizenship required.
  • Active Secret security clearance.

    • The ability to obtain a final Top Secret / SCI security clearance.

    Preferred Qualifications :

  • Proficiency with Splunk for security monitoring alert creation and threat hunting.
  • Experience using Microsoft Azure access and identity management.
  • Proficiency in Microsoft Defender for Endpoint and Identity for security monitoring response and alert generations.
  • Experience using digital forensics collection and analysis tools (e.g. Autopsy Axiom MagnetForensics Zimmerman-Tools KAPE CyLR Volatility).
  • Experience using ServiceNow SOAR for ticketing and automated response.
  • Experience using Python PowerShell and BASH scripting languages.
  • Proficiency in cloud security monitoring and incident response.
  • Demonstrated ability to perform static / dynamic malware analysis and reverse engineering.
  • Experience with integrating cyber threat intelligence and IOC-based hunting.
  • Technical certifications such as : Azure SC-900 CCSP GCIH CCSK GSEC CHFI GCLD GCIA.
  • Advanced technical certifications such as : SecurityX / CASP PRMP GREM GEIR GNFA or GCFA.

    • Peraton Overview

    Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the worlds leading mission capability integrator and transformative enterprise IT provider we deliver trusted highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains : land sea space air and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day our employees do the cant be done by solving the most daunting challenges facing our customers. Visit to learn how were keeping people around the world safe and secure.

    Target Salary Range

    $86000 - $138000. This represents the typical salary range for this position. Salary is determined by various factors including but not limited to the scope and responsibilities of the position the individuals experience education knowledge skills and competencies as well as geographic location and business and contract considerations. Depending on the position employees may be eligible for overtime shift differential and a discretionary bonus in addition to base pay.

    EEO

    EEO : Equal opportunity employer including disability and protected veterans or other characteristics protected by law.

    Key Skills

    Law Enforcement,ABB,Marine Biology,Filing,Automobile,AV

    Employment Type : Full-Time

    Experience : years

    Vacancy : 1

    Monthly Salary Salary : 86000 - 138000

    Create a job alert for this search

    Incident Response • Arlington, Texas, USA

    Related jobs
    Operational Technology Security Expert

    Operational Technology Security Expert

    Gartner • Irving, TX, United States
    Full-time
    Gartner analysts are industry thought leaders who create must-have research, market predictions, and advice for the key decision makers in a broad range of world-leading organizations.A senior dire...Show more
    Last updated: 30+ days ago • Promoted
    Principal Cybersecurity Engineer- Architecture

    Principal Cybersecurity Engineer- Architecture

    OneMain Financial • Irving, TX, United States
    Part-time
    The Principal Cybersecurity Engineer is ideally based Baltimore, MD.Candidates may also be considered in Irving TX, Evansville IN, and Fort Mill SC. The Principal Cybersecurity Engineer will be resp...Show more
    Last updated: 25 days ago • Promoted
    CT Tech

    CT Tech

    White Glove Placement • Grapevine, TX, United States
    Permanent
    Schedule 12 HR Days 07 : 00-19 : 00.A valid license in the state of practice.Strong communication, organizational, and interpersonal skills are essential. Must be able to interact effectively with patie...Show more
    Last updated: 5 days ago • Promoted
    Director, Cybersecurity

    Director, Cybersecurity

    DuraServ • Coppell, TX, United States
    Full-time
    The Director of Cybersecurity will manage and lead our organization's Cybersecurity efforts and partner with IT operations and 3rd parties to ensure efficient and effective cybersecurity operations...Show more
    Last updated: 25 days ago • Promoted
    Cybersecurity Architect (Arlington)

    Cybersecurity Architect (Arlington)

    Talent Groups • Arlington, TX, US
    Full-time +2
    Full-Time, Direct Hire (No C2C or sponsorship available).Talent Groups is seeking an experienced Cybersecurity Architect to provide strategic security guidance across complex IT and business enviro...Show more
    Last updated: 1 day ago • Promoted
    Senior Director - Catastrophe Management Analytics

    Senior Director - Catastrophe Management Analytics

    Aon • Farmers Branch, TX, United States
    Full-time +1
    Aon is looking for a Senior Director - Catastrophe Modeling - Boston, NYC, Bloomington, Atlanta, Dallas or Chicago.Senior Director of Catastrophe Risk Management. As part of the Catastrophe Manageme...Show more
    Last updated: 30+ days ago • Promoted
    Apps Development Lead for Risk Monitoring Tech- C13 - IRVING

    Apps Development Lead for Risk Monitoring Tech- C13 - IRVING

    Citi • Irving, Texas, United States
    Full-time
    We are looking for a Vice President in enterprise application development area with experience building robust, high-performance, large-scale applications. This position is for a Full stack Java dev...Show more
    Last updated: 30+ days ago • Promoted
    Lead Threat Detection Engineer

    Lead Threat Detection Engineer

    McKesson • Irving, TX, United States
    Full-time
    McKesson is an impact-driven, Fortune 10 company that touches virtually every aspect of healthcare.We are known for delivering insights, products, and services that make quality care more accessibl...Show more
    Last updated: 25 days ago • Promoted
    Hiring Event - Cyber Intelligence, Security Systems

    Hiring Event - Cyber Intelligence, Security Systems

    L3Harris Technologies • Grapevine, TX, United States
    Full-time
    L3Harris is dedicated to recruiting and developing high-performing talent who are passionate about what they do.Our employees are unified in a shared dedication to our customers’ mission and quest ...Show more
    Last updated: 7 hours ago • Promoted • New!
    Sr. Director, Cyber Security

    Sr. Director, Cyber Security

    Foot Locker • Irving, TX, United States
    Full-time
    This is a Hybrid role in Irving / TX that requires 3 days in the office.Foot Locker is seeking a highly experienced and strategic Senior Director of Cyber Security leader to spearhead our global cybe...Show more
    Last updated: 25 days ago • Promoted
    Cybersecurity Risk Assessment analyst #985891 (Coppell)

    Cybersecurity Risk Assessment analyst #985891 (Coppell)

    Dexian • Coppell, TX, US
    Part-time
    Position : Cybersecurity Risk Analyst.Dallas, TX or Tampa, FL (Hybrid Dallas preferred).The Cybersecurity Risk Analyst is responsible for conducting comprehensive risk assessments across applicatio...Show more
    Last updated: 1 day ago • Promoted
    Team Lead III - C

    Team Lead III - C

    Samuel Son & Co. • Irving, TX, United States
    Full-time
    Lead the team to execute to all safety, quality and delivery expectations.Maintain clean and organized work areas.Safety and operational training for production team. Perform quality control functio...Show more
    Last updated: 5 days ago • Promoted
    Cyber Security Architect

    Cyber Security Architect

    Arkadia Search Recruiting • Arlington, Texas, United States
    Full-time
    Our client is growing a highly trusted Cybersecurity function with executive level support and the freedom to implement advanced solutions. This team plays a critical role in protecting company syst...Show more
    Last updated: 1 day ago • Promoted
    Store Shift Lead

    Store Shift Lead

    Murphy USA • Arlington, TX, US
    Full-time +1
    As one of the largest national gasoline and convenience retailers with more than 1,700 stores in 27 states, we know that without our committed team, we are simply another retailer.Ready to be empow...Show more
    Last updated: 30+ days ago • Promoted
    Cyber Security

    Cyber Security

    TradeJobsWorkForce • 75229 Dallas, TX, US
    Full-time
    Cyber Security Job Duties : Safeguards information system assets by identifying and solvin...Show more
    Last updated: 30+ days ago • Promoted
    Cyber Information Security Officer (Hybrid)

    Cyber Information Security Officer (Hybrid)

    Citigroup Inc • Irving, TX, United States
    Full-time
    Citi, the leading global bank, has approximately 200 million customer accounts and does business in more than 160 countries and jurisdictions. Citi provides consumers, corporations, governments, and...Show more
    Last updated: 21 days ago • Promoted
    Lead, Security Assurance (Coppell)

    Lead, Security Assurance (Coppell)

    Request Technology, LLC • Coppell, TX, US
    Part-time
    Location : Chicago, IL or Coppell, TX.Hybrid : 3 days onsite, 2 days remote.We are unable to provide sponsorship for this role •. Information Security experience, preferably within previous work in Com...Show more
    Last updated: 1 day ago • Promoted
    Vice President IT Security and CISO

    Vice President IT Security and CISO

    Royal Lahaina Resort • Irving, TX, US
    Full-time
    Vice President IT Security And CISO.The Vice President IT Security and CISO will oversee all security responsibilities for all Highgate global operations and subsidiaries.The position will require ...Show more
    Last updated: 1 day ago • Promoted