SkyePoint Decisions

Cybersecurity

Cyber Incident Response Team - Tier 2 Shift Lead

$115–155k ~AI est. Beltsville, Maryland, United States CONTRACT

The Brief

“Cyber Incident Response Team - Tier 2 Shift Lead at SkyePoint Decisions. Skills: Incident response, Cybersecurity, Malware analysis, Threat intelligence. Detect cyber security events. Classify cyber security events”

Industry & Context.

Cybersecurity
Problems you'll solve

Root cause analysis

Eligibility Requirements

Tuesday - Saturday, 2pm - 10pm shift; active Secret security clearance; U.S. citizenship

What They're Looking For.

Must Have

  • Bachelor’s degree and minimum of 11 years of relevant experience, Master’s degree with minimum of 9 years of relevant experience, or PhD with 6 years of relevant experience
  • Active Secret security clearance
  • One of the following certifications: CASP+ CE, CCISO, CCNA Cyber Ops, CCNA Security, CCNP Security, CEH, CFR, CISA, CISM, CISSP, CISSP Associate, CISSP-ISSAP, CISSP-ISSEP, Cloud+, CySA+, GCED, GCIA, GCIH, GICSP, GSLC, SCYER
  • Demonstrated experience across the incident response lifecycle
  • Experience with SOAR platforms and automated response workflows
  • Experience with SIEM platforms
  • Experience with EDR solutions
  • Knowledge of cloud security monitoring
  • Knowledge of incident response
  • Knowledge of integrating IOCs
  • Knowledge of tracking APT actors
  • Ability to analyze cyber threat intelligence and understand adversary TTPs
  • Knowledge of malware analysis techniques
  • Familiarity with the MITRE ATT&CK and D3FEND frameworks
  • U.S. citizenship required

Nice to Have

  • Proficiency with Splunk
  • Experience using Microsoft Azure access and identity management
  • Proficiency in Microsoft Defender for Endpoint and Microsoft Defender for Identity
  • Experience using digital forensics collection and analysis tools
  • Experience using ServiceNow SOAR
  • Experience using Python, PowerShell, and BASH scripting
  • Proficiency in cloud security monitoring
  • Proficiency in incident response
  • Demonstrated ability to perform static malware analysis, dynamic malware analysis, and reverse engineering
  • Experience with integrating cyber threat intelligence
  • Experience with IOC-based hunting
  • Certifications: Azure SC-900, CCSP, GCIH, CCSK, GSEC, CHFI, GCLD, GCIA, SecurityX, CASP+, PRMP, GREM, GEIR, GNFA, GCFA

What You'll Do.

Detect cyber security events

Classify cyber security events

Process cyber security events

Track cyber security events

Report on cyber security events

Perform advanced analysis of Tier 1 alerts

Analyze logs from multiple sources

Identify suspicious activity

Contain suspicious activity

Remediate suspicious activity

Characterize network traffic

Analyze network traffic

Identify anomalous activity

Identify potential threats

Protect against cyber security threats

Prevent cyber security threats

Protect against vulnerabilities

Prevent vulnerabilities

Perform forensic analysis of host artifacts

Perform forensic analysis of network traffic

Perform forensic analysis of email content

Analyze malicious scripts

Analyze malicious code

Mitigate potential threats

Conduct malware analysis

Collaborate with Department of State teams

Monitor CIRT SOAR platform

Respond to CIRT SOAR platform

Respond to CIRT hotline

Monitor CIRT email in-boxes

Respond to CIRT email in-boxes

Coordinate incident information

Report incident information to CISA

Collaborate with local CIRTs

Collaborate with national CIRTs

Collaborate with international CIRTs

Submit alert tuning requests

Review Tier 2 shift tickets

Coordinate with CIRT Watch Officers

Coordinate with government leadership

Provide technical improvement recommendations

Provide procedural improvement recommendations

Assist with Tier 2 candidate interviews

Ensure coordinated remediation actions operate properly

How You'll Work.

Team & Collaboration

Department of State teams; Local CIRTs; National CIRTs; International CIRTs; CIRT Watch Officers; Government leadership

Full Job Description

SkyePoint Decisions is a leading Cybersecurity Architecture and Engineering, Critical Infrastructure and Operations, and Applications Development and Maintenance IT service provider headquartered in Dulles, Virginia, with operations across the U.S. We provide innovative enterprise-wide solutions as well as targeted services addressing the complex challenges faced by our federal government clients. Our focus is on enabling our clients to deliver their mission most efficiently and effectively – anytime, anywhere, securely. We combine technical expertise, mission awareness, and an empowered workforce to produce meaningful results.

This is a contingent position based upon customer approval. SkyePoint Decisions is seeking an experienced Tier 2 Shift Lead for the Cyber Incident Response Team to support our customer's Federal Strategic Cyber Mission program. This is not a remote position. This person will need the ability to work onsite in Beltsville, MD, Tuesday - Saturday, 2pm - 10pm.

Responsibilities:

  • Detect, classify, process, track, and report on cyber security events and incidents.
  • Perform advanced in-depth analysis of coordinated Tier 1 alert triage and requests in a 24x7x365 environment.
  • Analyze logs from multiple sources (e.g., host logs, EDR, firewalls, intrusion detection systems, servers) to identify, contain, and remediate suspicious activity.
  • Characterize and analyze network traffic to identify anomalous activity and potential threats.
  • Protect against and prevent potential cyber security threats and vulnerabilities.
  • Perform forensic analysis of host artifacts, network traffic, and email content.
  • Analyze malicious scripts and code to mitigate potential threats.
  • Conduct malware analysis to generate IOCs to identify and mitigate threats.
  • Collaborate with Department of State teams to analyze and respond to events and incidents.
  • Monitor and respond to the CIRT Security Orchestration and Automation Response (SOAR) platform, hotline, and email in-boxes.
  • Create tickets
