Job Requirements
Suitland, MD
Secret Polygraph not specified
Mid Level Career (5+ yrs experience)
Salary not specified
Join Premium to unlock estimated salaries 
Job Description
Cyber Defense Analyst (Mid-Level)
Location: Suitland, MD
Clearance: Active Secret (or eligible)
Employment Type: Full-Time | Shift-Based (24x7x365 Watch Team)
Position Overview
ICS (A Redhawk Company) is seeking a Mid-Level Cyber Defense Analyst to support a long-term federal cybersecurity program in the Washington, DC area. This role operates within a 24/7 Watch Team environment, providing real-time monitoring, incident response, and threat analysis across enterprise systems.
The ideal candidate will have hands-on experience in cyber defense operations, incident handling, and forensic analysis, with the ability to quickly assess and respond to emerging threats in a mission-critical environment.
Key Responsibilities
Monitor, detect, and respond to cybersecurity incidents in a 24/7 operations environment
Perform incident triage, including determining scope, urgency, and impact
Analyze logs from multiple sources (network, host, firewall, IDS) to identify threats
Conduct real-time incident response, including forensic collection and remediation support
Correlate incident data to identify vulnerabilities and recommend mitigation strategies
Track and document incidents from initial detection through resolution
Perform cyber defense trend analysis and reporting
Collect and analyze intrusion artifacts (e.g., malware, trojans, source code)
Support Incident Response Teams (IRTs) with technical analysis and response actions
Coordinate with intelligence teams to align threat data and assessments
Monitor external threat intelligence sources (CERT, vendor advisories, security feeds)
Apply defense-in-depth strategies to strengthen enterprise security posture
Required Qualifications
Bachelor’s degree or higher
5+ years of experience in one or more of the following:
Malware analysis
Digital forensics
Network/data analysis
Penetration testing
Information assurance / incident handling
Experience working in a 24x7 SOC or Watch Team environment
Strong understanding of:
Cyber threat actors (insider, nation-state, non-state actors)
Cyber attack lifecycle (reconnaissance through exploitation and persistence)
Incident response methodologies and frameworks
Networking protocols (TCP/IP, DNS, web, mail services)
Experience with intrusion detection and prevention technologies
Ability to support incident response in cloud environments
Strong written and verbal communication skills
Active Secret clearance or ability to obtain
Required Certifications (Must Have or Obtain Within 3 Months)
One of the following:
GCIH
CEH
CISSP
GISF
CERT-CSIH
Preferred Qualifications
Experience with malware identification, containment, and reporting
Knowledge of digital forensics and evidence integrity standards
Experience securing enterprise network communications
Familiarity with vulnerability classification and attack methodologies
Hands-on experience with:
SIEM / security event correlation tools
NIPS / IDS / anti-malware solutions
Experience performing damage assessments and impact analysis
Familiarity with OWASP Top 10 and application security risks
Experience supporting cloud-based incident response environments
Program Overview
This role supports a U.S. Government civilian agency delivering enterprise-level cybersecurity services, including continuous monitoring, incident response, and threat intelligence. The team operates in a high-tempo, mission-focused environment dedicated to protecting critical systems from evolving cyber threats.
Why Join ICS
At ICS, you’ll help engineer the detection and response capabilities that defend mission-critical federal systems. This role offers hands-on influence over how cyber threats are detected, analyzed, and neutralized—combining development, automation, and operational security in a high-impact national security environment.
Location: Suitland, MD
Clearance: Active Secret (or eligible)
Employment Type: Full-Time | Shift-Based (24x7x365 Watch Team)
Position Overview
ICS (A Redhawk Company) is seeking a Mid-Level Cyber Defense Analyst to support a long-term federal cybersecurity program in the Washington, DC area. This role operates within a 24/7 Watch Team environment, providing real-time monitoring, incident response, and threat analysis across enterprise systems.
The ideal candidate will have hands-on experience in cyber defense operations, incident handling, and forensic analysis, with the ability to quickly assess and respond to emerging threats in a mission-critical environment.
Key Responsibilities
Monitor, detect, and respond to cybersecurity incidents in a 24/7 operations environment
Perform incident triage, including determining scope, urgency, and impact
Analyze logs from multiple sources (network, host, firewall, IDS) to identify threats
Conduct real-time incident response, including forensic collection and remediation support
Correlate incident data to identify vulnerabilities and recommend mitigation strategies
Track and document incidents from initial detection through resolution
Perform cyber defense trend analysis and reporting
Collect and analyze intrusion artifacts (e.g., malware, trojans, source code)
Support Incident Response Teams (IRTs) with technical analysis and response actions
Coordinate with intelligence teams to align threat data and assessments
Monitor external threat intelligence sources (CERT, vendor advisories, security feeds)
Apply defense-in-depth strategies to strengthen enterprise security posture
Required Qualifications
Bachelor’s degree or higher
5+ years of experience in one or more of the following:
Malware analysis
Digital forensics
Network/data analysis
Penetration testing
Information assurance / incident handling
Experience working in a 24x7 SOC or Watch Team environment
Strong understanding of:
Cyber threat actors (insider, nation-state, non-state actors)
Cyber attack lifecycle (reconnaissance through exploitation and persistence)
Incident response methodologies and frameworks
Networking protocols (TCP/IP, DNS, web, mail services)
Experience with intrusion detection and prevention technologies
Ability to support incident response in cloud environments
Strong written and verbal communication skills
Active Secret clearance or ability to obtain
Required Certifications (Must Have or Obtain Within 3 Months)
One of the following:
GCIH
CEH
CISSP
GISF
CERT-CSIH
Preferred Qualifications
Experience with malware identification, containment, and reporting
Knowledge of digital forensics and evidence integrity standards
Experience securing enterprise network communications
Familiarity with vulnerability classification and attack methodologies
Hands-on experience with:
SIEM / security event correlation tools
NIPS / IDS / anti-malware solutions
Experience performing damage assessments and impact analysis
Familiarity with OWASP Top 10 and application security risks
Experience supporting cloud-based incident response environments
Program Overview
This role supports a U.S. Government civilian agency delivering enterprise-level cybersecurity services, including continuous monitoring, incident response, and threat intelligence. The team operates in a high-tempo, mission-focused environment dedicated to protecting critical systems from evolving cyber threats.
Why Join ICS
At ICS, you’ll help engineer the detection and response capabilities that defend mission-critical federal systems. This role offers hands-on influence over how cyber threats are detected, analyzed, and neutralized—combining development, automation, and operational security in a high-impact national security environment.
group id: 10176392