Senior Cyber Defense Incident Responder

INTERNETWORK CONSULTING SERVICES LLC

Posted today

Job Requirements

Suitland, MD
Secret clearance, polygraph not specified
Mid Level Career (5+ yrs experience)
Salary not specified

Job Description

Senior Cyber Defense Incident Responder

Location: Suitland, MD
Clearance: Active Secret Required
Employment Type: Full-Time

Position Overview

ICS (A Redhawk Company) is seeking an experienced Senior Cyber Defense Incident Responder to support a long-term federal cybersecurity program in the Washington, DC area. This role is responsible for leading incident response efforts, conducting advanced threat analysis, and strengthening enterprise-wide cyber defense operations.

The ideal candidate will bring deep expertise in incident response, malware analysis, and forensic investigations, with the ability to operate in high-visibility environments supporting mission-critical systems.

Key Responsibilities

Lead and coordinate enterprise-wide cyber defense incident response activities
Perform incident triage, including scope, impact, and vulnerability identification
Analyze logs from multiple sources (host, network, firewall, IDS) to identify threats
Conduct real-time incident response, including forensic collection, threat analysis, and remediation
Correlate incident data to identify vulnerabilities and recommend mitigation strategies
Track and document incidents from detection through resolution
Perform cyber defense trend analysis and reporting
Collect and analyze intrusion artifacts (e.g., malware, trojans, source code)
Support deployable Incident Response Teams (IRTs)
Coordinate with intelligence teams to align threat data and assessments
Monitor external threat sources (CERT, vendor alerts, security advisories)
Apply defense-in-depth strategies to enhance enterprise security posture

Required Qualifications

Bachelor’s degree or higher
6+ years of experience in one or more of the following:
    Malware analysis
    Digital forensics
    Network/data analysis
    Penetration testing
    Information assurance / vulnerability management
Strong understanding of:
    Cyber threat actors (insider, nation-state, non-state actors)
    Cyber attack lifecycle (reconnaissance through exploitation and persistence)
    Incident response methodologies and frameworks
    Networking protocols (TCP/IP, DNS, web, mail services)
Experience with intrusion detection and prevention technologies
Ability to design and implement incident response strategies for cloud environments
Strong communication skills with ability to interface with senior leadership
Active Secret clearance required

Preferred Qualifications

Experience with malware identification, containment, and reporting
Strong background in digital evidence handling and forensic integrity standards
Experience securing enterprise network communications
Knowledge of vulnerability classification and associated attack vectors
Hands-on experience with security tools such as:
    NIPS
    Anti-malware platforms
    Security event correlation tools (SIEM)
Experience performing damage assessments and impact analysis
Familiarity with OWASP Top 10 and application security risks
Experience in cloud-based incident response environments

Certifications (Preferred/Relevant)

Certifications in incident response, digital forensics, or cybersecurity such as:
    GCIA / GCIH / GCFA
    CEH
    CySA+
    Security+
    CISSP (or equivalent)

Program Overview

This position supports a U.S. Government civilian agency, delivering comprehensive cybersecurity services including incident response, threat intelligence, and enterprise defense operations. The team operates in a fast-paced, mission-driven environment focused on protecting critical systems and data from evolving cyber threats.

Why Join ICS

At ICS, you’ll help engineer the detection and response capabilities that defend mission-critical federal systems. This role offers hands-on influence over how cyber threats are detected, analyzed, and neutralized—combining development, automation, and operational security in a high-impact national security environment.