SkyePoint Decisions

Cybersecurity

Cyber Incident Response Team - Tier 2 Shift Lead

$115–155k (~AI est.) | Beltsville, Maryland, United States | Contract
The Brief

“Cyber Incident Response Team - Tier 2 Shift Lead at SkyePoint Decisions. Skills: Incident response, Cybersecurity, Malware analysis, Threat intelligence. Detect cyber security events. Classify cyber security events”

Industry & Context.

Cybersecurity

Problems you'll solve

Root cause analysis

Eligibility Requirements

Tuesday - Saturday, 2pm - 10pm shift, Active Secret security clearance, U.S. Citizenship

What They're Looking For.

Must Have

Bachelor’s degree and minimum of 11 years of relevant experience, Master’s degree with minimum of 9 years of relevant experience, PhD with 6 years of relevant experience, Active Secret security clearance, CASP+ CE certification, CCISO certification, CCNA Cyber Ops certification, CCNA Security certification, CCNP Security certification, CEH certification, CFR certification, CISA certification, CISM certification, CISSP certification, CISSP Associate certification, CISSP-ISSAP certification, CISSP-ISSEP certification, Cloud+ certification, CySA+ certification, GCED certification, GCIA certification, GCIH certification, GICSP certification, GSLC certification, SCYER certification, Demonstrated experience across incident response lifecycle, Experience with SOAR platforms, Experience with automated response workflows, Experience with SIEM platforms, Experience with EDR solutions, Knowledge of cloud security monitoring, Knowledge of incident response, Knowledge of integrating IOCs, Knowledge of tracking APT actors, Ability to analyze cyber threat intelligence, Understand adversary TTPs, Knowledge of malware analysis techniques, Familiarity with MITRE ATT&CK framework, Familiarity with D3FEND framework, U.S. Citizenship required

Nice to Have

Proficiency with Splunk, Experience using Microsoft Azure access, Experience using Microsoft Azure identity management, Proficiency in Microsoft Defender for Endpoint, Proficiency in Microsoft Defender for Identity, Experience using digital forensics collection tools, Experience using digital forensics analysis tools, Experience using ServiceNow SOAR, Experience using Python scripting, Experience using PowerShell scripting, Experience using BASH scripting, Proficiency in cloud security monitoring, Proficiency in incident response, Demonstrated ability to perform static malware analysis, Demonstrated ability to perform dynamic malware analysis, Demonstrated ability to perform reverse engineering, Experience with integrating cyber threat intelligence, Experience with IOC-based hunting, Azure SC-900 certification, CCSP certification, GCIH certification, CCSK certification, GSEC certification, CHFI certification, GCLD certification, GCIA certification, SecurityX certification, CASP+ certification, PRMP certification, GREM certification, GEIR certification, GNFA certification, GCFA certification

What You'll Do.

Detect cyber security events

Classify cyber security events

Process cyber security events

Track cyber security events

Report on cyber security events

Perform advanced analysis of Tier 1 alerts

Analyze logs from multiple sources

Identify suspicious activity

Contain suspicious activity

Remediate suspicious activity

Characterize network traffic

Analyze network traffic

Identify anomalous activity

Identify potential threats

Protect against cyber security threats

Prevent cyber security threats

Protect against vulnerabilities

Prevent vulnerabilities

Perform forensic analysis of host artifacts

Perform forensic analysis of network traffic

Perform forensic analysis of email content

Analyze malicious scripts

Analyze malicious code

Mitigate potential threats

Conduct malware analysis

Collaborate with Department of State teams

Monitor CIRT SOAR platform

Respond to CIRT SOAR platform

Respond to CIRT hotline

Monitor CIRT email in-boxes

Respond to CIRT email in-boxes

Coordinate incident information

Report incident information to CISA

Collaborate with local CIRTs

Collaborate with national CIRTs

Collaborate with international CIRTs

Submit alert tuning requests

Review Tier 2 shift tickets

Coordinate with CIRT Watch Officers

Coordinate with government leadership

Provide technical improvement recommendations

Provide procedural improvement recommendations

Assist with Tier 2 candidate interviews

Ensure coordinated remediation actions operate properly

How You'll Work.

Team & Collaboration

Department of State teams; Local CIRTs; National CIRTs; International CIRTs; CIRT Watch Officers; Government leadership
