
Tier 1 Cyber Incident Response Team; CIRT Lead

Job in Hyattsville, Prince George's County, Maryland, 20780, USA
Listing for: Peraton
Full Time position
Listed on 2026-01-25
Job specializations:
  • IT/Tech
    Cybersecurity
Job Description & How to Apply Below
Position: Tier 1 Cyber Incident Response Team (CIRT) Lead

Responsibilities

Peraton is currently seeking an experienced Tier 1 Cyber Incident Response Team (CIRT) Lead to become part of our Federal Strategic Cyber Group.

Location:
Beltsville, MD.

Schedule:
Mon-Friday, 08:00-16:00 (8:00 AM - 4:00 PM).

In this role, you will:

  • Manage the detection, classification, processing, tracking, and reporting on cyber security events and incidents
  • Coordinate and collaborate with Department teams to analyze and respond to events and incidents
  • Manage triage and response capabilities in a 24x7x365 environment
  • Monitor and triage the CIRT hotline, email inboxes, and fax
  • Manage ticket creation and workflows as instructed in SOPs
  • Manage the reporting of incident information to the Cybersecurity and Infrastructure Security Agency (CISA)
  • Manage collaboration with other local, national and international CIRTs as directed
  • Manage the delivery and oversight of remediation activities
  • Manage IR processes for identifying and triaging email events
  • Manage IR processes for triage and analysis of Splunk Enterprise Security (ES) alerts and Microsoft Defender for Endpoint (MDE) Alerts
  • Manage IR processes for triage of malicious artifacts to remediate further propagation
  • Manage IR processes for triage and initial analysis of Microsoft Defender for Identity alerts, Entra s, and Microsoft for Cloud Identity alerts

Additionally, as a Tier 1 Lead you will:

  • Create schedules and maintain personnel across all shifts
  • Review monthly and technical status reports to ensure compliance and accuracy
  • Review and update SCRUM sprint objectives for the team
  • Prepare weekly metrics reports and Weekly Activity Reports (WAR) for upper management
  • Write and suggest technical and procedural changes to CIRT management
  • Conduct candidate interviews to evaluate potential team members
  • Lead Shift Lead meetings to discuss training, issues, and concerns
  • Identify Tier 1 analyst training requirements and coordinate training support
  • Mentor the professional development of Tier 1 analysts

Minimum Requirements:

  • Bachelor’s degree and a minimum of 9 years of relevant experience; 7 years with a Master’s degree; 4 years with a PhD.
    • An additional 4 years of relevant experience may be substituted for the degree requirement.
  • Applicants must currently hold one of the following professional certifications or obtain one prior to their start date. Continued certification is required as a condition of employment:
    CASP+ CE, CCNA Cyber Ops, CCNA-Security, CCNP Security, CEH, CFR, CHFI, CISA, CISSP (or Associate), CISSP-ISSAP, CISSP-ISSEP, CySA+, GCED, GCFA, GCIH, SCYBER
  • U.S. citizenship required
  • Active Secret security clearance
    • Ability to obtain a final Top-Secret clearance

Required Technical & Professional Experience:

  • Demonstrated experience across the Incident Response lifecycle
  • Experience using ticketing and Security Orchestration and Response (SOAR) platforms (e.g., ServiceNow, Splunk SOAR)
  • Knowledge of MITRE ATT&CK and D3FEND frameworks
  • Knowledge of the Agile framework and SCRUM planning lifecycle
  • Experience with log analysis and correlation from multiple sources
  • Experience with email security and phishing analysis
  • Experience with cloud security monitoring and cloud-based incident response
  • Proficiency with SIEM platforms (e.g., Splunk, Microsoft Sentinel, Elastic, QRadar)
  • Proficiency with Endpoint Detection and Response (EDR) platforms (e.g., Microsoft XDR, Elastic XDR, Carbon Black, CrowdStrike)
  • Ability to analyze all-source cyber threat intelligence and understand adversary methodologies and techniques
  • Experience with PowerShell, Python, or Bash scripting
  • Knowledge of static and dynamic malicious artifact analysis
  • Experience collaborating with internal and external stakeholders
  • Excellent written and verbal communication skills
  • Strong leadership and mentoring capabilities

Preferred Qualifications

  • Advanced technical or project management certifications, such as:
    CISSP, SecurityX/CASP+, GEIR, GNFA, GCFA, PMP, CISA
  • Demonstrated expertise with Splunk for security monitoring and alert triage
  • Demonstrated expertise with Microsoft Defender for Endpoint and Identity
  • Experience with SCRUM planning under the Agile framework
  • Experience with digital forensics collection and analysis tools
  • Experien…