Tier 2 Shift Lead Malware Analyst (SME)

Job Requirements Beltsville, MD Secret Polygraph not specified Senior Level Career (10+ yrs experience) Salary not specified Join Premium to unlock estimated salaries Job Description ICS is seeking an experienced Tier 2 Shift Lead Malware Analyst SME (CIRT) Shift Lead to support a high-visibility federal cyber mission. This role is ideal for a hands-on cybersecurity professional who thrives in a fast-paced SOC environment and is ready to lead analysts while driving advanced incident response efforts. You will play a key role in defending enterprise systems by leading Tier 2 investigations, coordinating response activities, and improving detection and response capabilities across the environment.

What You'll Do:

Lead Tier 2 incident response investigations across network, endpoint, and cloud environments Analyze alerts and logs from SIEM, EDR, firewalls, and IDS/IPS tools Perform deep-dive analysis to identify, contain, and remediate cyber threats Conduct malware analysis, forensic investigations, and threat hunting Correlate indicators of compromise (IOCs) and track adversary activity Monitor and respond to alerts through SIEM and SOAR platforms Create, update, and execute incident response playbooks and SOPs Coordinate with stakeholders and federal partners on incident response and reporting Submit alert tuning recommendations to improve detection quality

Leadership Responsibilities:

Oversee Tier 2 shift operations and ensure ticket quality and completeness Guide and mentor SOC analysts during investigations Coordinate remediation efforts with leadership and technical teams Provide recommendations to improve workflows, processes, and response effectiveness Support technical interviews and onboarding of new team members

Required Qualifications:

Active Secret clearance (required to start) U.S. Citizenship Experience across the incident response lifecycle (detection → containment → remediation → recovery) Hands-on experience with: SIEM tools (Splunk, Microsoft Sentinel, Elastic, or similar) EDR tools (CrowdStrike, Microsoft Defender, Carbon Black, etc.) SOAR platforms (ServiceNow, Splunk SOAR, or similar) Experience analyzing logs, network traffic, and endpoint telemetry Strong understanding of: Threat intelligence and IOC analysis Malware analysis and forensic techniques

MITRE ATT&CK

framework

Preferred Qualifications:

Experience in a SOC, CIRT, or Cyber Defense environment Prior leadership, mentoring, or shift lead experience Experience with cloud security monitoring (AWS, Azure) Scripting experience (Python, PowerShell, Bash) Familiarity with digital forensics tools (Autopsy, Volatility, etc.) Relevant certifications such as: Security+, CySA+, CISSP, GCIH, GCIA, CEH, or similar Why Join ICS? Support a mission-critical federal cyber program Work alongside a highly skilled and collaborative SOC team Opportunity to step into or expand leadership responsibilities Hands-on role with real impact on cyber defense operations

Apply Today:

If you're a driven cybersecurity professional ready to lead investigations and make an impact in a mission-focused environment, we'd love to connect.

group id:

10176392 N Name Hidden Recruiter Apply now