×
Register Here to Apply for Jobs or Post Jobs. X
More jobs:

Tier 2 Shift Lead​/Secret Security Clearance

Job in Beltsville, Prince George's County, Maryland, 20704, USA
Listing for: Peraton
Full Time position
Listed on 2026-07-15
Job specializations:
  • IT/Tech
    Cybersecurity
Job Description & How to Apply Below
Position: Tier 2 Shift Lead / Secret with Security Clearance
About Peraton Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace.

The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees solve the most daunting challenges that our customers face. Visit  to learn how we're keeping people around the world safe and secure. Program Overview Encompasses technical, engineering, data analytics, cyber security, management, operational, logistical, and administrative support for Bureau of Diplomatic Security, Cyber and Technology Security Directorate in three key offices/functional areas:
Cyber Monitoring and Operations, Cyber Threat and Investigations, and Technology Innovation and Engineering State. About

The Role Peraton is seeking an experienced Tier 2 Cyber Incident Response Team (CIRT) Shift Lead to join Peratons' Federal Strategic Cyber Mission program.

Location:

Beltsville, MD;
On-site

Work Hours:

Day Shift, 06:00- 14:00 EST (6:00 - 2:00 PM, EST), Tuesday - Saturday In this role, you will:
* Detect, classify, process, track, and report on cyber security events and incidents.

* Perform advanced in-depth analysis of coordinated Tier 1 alert triage and requests in a 24x7x365 environment.

* Analyze logs from multiple sources (e.g., host logs, EDR, firewalls, intrusion detection systems, servers) to identify, contain, and remediate suspicious activity.

* Characterize and analyze network traffic to identify anomalous activity and potential threats.

* Protect against and prevent potential cyber security threats and vulnerabilities.

* Perform forensic analysis of hosts artifacts, network traffic, and email content.

* Analyze malicious scripts and code to mitigate potential threats.

* Conduct malware analysis to generate IOCs to identify and mitigate threats.

* Collaborate with Department of State teams to analyze and respond to events and incidents.

* Monitor and respond to the CIRT Security Orchestration and Automation Response (SOAR) platform, hotline, email in-boxes.

* Create tickets and initiate workflows as instructed in technical SOPs.

* Coordinate and report incident information to the Cybersecurity and Infrastructure Security Agency (CISA).

* Collaborate with other local, national and international CIRTs as directed.

* Submit alert tuning requests.

Additionally, as a Tier 2 Shift Lead you will:

* Review all Tier 2 shift tickets for accuracy and completeness

* Coordinate with CIRT Watch Officers and government leadership on remediation actions

* Provide technical and procedural improvement recommendations to CIRT leadership

* Assist with Tier 2 candidate technical interviews as required

* Ensure coordinated remediation actions are operating properly
Qualifications

Minimum Qualifications
* Bachelor's degree and minimum of 9 years of relevant experience; or, Master's degree with minimum of 7 years; or PhD with 4 years. In lieu of a degree, 4 years of additional experience may be considered.

* Must possess, or obtain prior to start date, at least one of the following certifications. Continued certification is required as a condition of employment:

* CASP+ CE; CCNA Cyber Ops; CCNA-Security; CCNP Security; CEH; CFR; CHFI; CISA;

CISSP (or Associate); CISSP-ISSAP; CISSP-ISSEP;
CySA+; GCED; GCFA; GCIH; SCYBER

* Demonstrated experience across the incident response lifecycle.

* Experience with SOAR platforms and automated response workflows (e.g., Service Now, Splunk SOAR, Microsoft Sentinel).

* Experience with Security Information and Event Management (SIEM) platforms (e.g., Splunk, Microsoft Sentinel, Elastic, QRadar).

* Experience with Endpoint Detection and Response (EDR) solutions (e.g., Microsoft Defender for Endpoint, Elastic XDR, Carbon Black, Crowd Strike).

* Knowledge of cloud security monitoring and incident response.

* Knowledge of integrating indicators of compromise (IOCs) and tracking advanced persistent threat (APT) actors.

* Ability to analyze cyber threat intelligence and understand adversary tactics, techniques, and procedures (TTPs).

* Knowledge of malware analysis techniques.

* Familiarity with MITRE ATT&CK and D3

FEND frameworks.

* U.S. Citizenship required.

* Active Secret security clearance required ferred

Qualifications:

* Proficiency with Splunk for security monitoring, alert creation, and threat hunting.

* Experience using Microsoft Azure access and identity management.

* Proficiency in Microsoft Defender for Endpoint and Identity for security monitoring, response, and alert generations.

* Experience using digital forensics collection and analysis tools (e.g.…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary