Senior Cyber Defense Incident Responder with Security Clearance

Senior Cyber Defense Incident Responder

Location: Suitland, MD
Clearance: Active Secret Required
Employment Type: Full-Time

Position Overview

ICS (A Redhawk Company) is seeking an experienced Senior Cyber Defense Incident Responder to support a long-term federal cybersecurity program in the Washington, DC area. This role is responsible for leading incident response efforts, conducting advanced threat analysis, and strengthening enterprise-wide cyber defense operations. The ideal candidate will bring deep expertise in incident response, malware analysis, and forensic investigations, with the ability to operate in high-visibility environments supporting mission-critical systems.

Key Responsibilities

Lead and coordinate enterprise-wide cyber defense incident response activities
Perform incident triage, including scope, impact, and vulnerability identification
Analyze logs from multiple sources (host, network, firewall, IDS) to identify threats
Conduct real-time incident response, including forensic collection, threat analysis, and remediation
Correlate incident data to identify vulnerabilities and recommend mitigation strategies
Track and document incidents from detection through resolution
Perform cyber defense trend analysis and reporting
Collect and analyze intrusion artifacts (e.g., malware, trojans, source code)
Support deployable Incident Response Teams (IRTs)
Coordinate with intelligence teams to align threat data and assessments
Monitor external threat sources (CERT, vendor alerts, security advisories)
Apply defense-in-depth strategies to enhance enterprise security posture

Required Qualifications

Bachelor's degree or higher
6+ years of experience in one or more of the following:
  Malware analysis
  Digital forensics
  Network/data analysis
  Penetration testing
  Information assurance / vulnerability management
Strong understanding of:
  Cyber threat actors (insider, nation-state, non-state actors)
  Cyber attack lifecycle (reconnaissance through exploitation and persistence)
  Incident response methodologies and frameworks
  Networking protocols (TCP/IP, DNS, web, mail services)
Experience with intrusion detection and prevention technologies
Ability to design and implement incident response strategies for cloud environments
Strong communication skills with the ability to interface with senior leadership
Active Secret clearance required

Preferred Qualifications

Experience with malware identification, containment, and reporting
Strong background in digital evidence handling and forensic integrity standards
Experience securing enterprise network communications
Knowledge of vulnerability classification and associated attack vectors
Hands-on experience with security tools such as:
  NIPS
  Anti-malware platforms
  Security event correlation tools (SIEM)
Experience performing damage assessments and impact analysis
Familiarity with OWASP Top 10 and application security risks
Experience in cloud-based incident response environments

Certifications (Preferred/Relevant)

Certifications in incident response, digital forensics, or cybersecurity such as:
  GCIA / GCIH / GCFA
  CEH
  CySA+
  Security+
  CISSP (or equivalent)

Program Overview

This position supports a U.S. Government civilian agency, delivering comprehensive cybersecurity services including incident response, threat intelligence, and enterprise defense operations. The team operates in a fast-paced, mission-driven environment focused on protecting critical systems and data from evolving cyber threats.

Why Join ICS

At ICS, you'll help engineer the detection and response capabilities that defend mission-critical federal systems. This role offers hands-on influence over how cyber threats are detected, analyzed, and neutralized, combining development, automation, and operational security in a high-impact national security environment.