Tier 2 Shift Lead Malware Analyst (SME) with Security Clearance
ICS is seeking an experienced Tier 2 Shift Lead Malware Analyst SME (CIRT) to support a high-visibility federal cyber mission. This role is ideal for a hands-on cybersecurity professional who thrives in a fast-paced SOC environment and is ready to lead analysts while driving advanced incident response efforts. You will play a key role in defending enterprise systems by leading Tier 2 investigations, coordinating response activities, and improving detection and response capabilities across the environment.

What You'll Do:
- Lead Tier 2 incident response investigations across network, endpoint, and cloud environments
- Analyze alerts and logs from SIEM, EDR, firewalls, and IDS/IPS tools
- Perform deep-dive analysis to identify, contain, and remediate cyber threats
- Conduct malware analysis, forensic investigations, and threat hunting
- Correlate indicators of compromise (IOCs) and track adversary activity
- Monitor and respond to alerts through SIEM and SOAR platforms
- Create, update, and execute incident response playbooks and SOPs
- Coordinate with stakeholders and federal partners on incident response and reporting
- Submit alert tuning recommendations to improve detection quality

Leadership Responsibilities:
- Oversee Tier 2 shift operations and ensure ticket quality and completeness
- Guide and mentor SOC analysts during investigations
- Coordinate remediation efforts with leadership and technical teams
- Provide recommendations to improve workflows, processes, and response effectiveness
- Support technical interviews and onboarding of new team members

Required Qualifications:
- Active Secret clearance (required to start)
- U.S. Citizenship
- Experience across the incident response lifecycle (detection → containment → remediation → recovery)
- Hands-on experience with:
  - SIEM tools (Splunk, Microsoft Sentinel, Elastic, or similar)
  - EDR tools (CrowdStrike, Microsoft Defender, Carbon Black, etc.)
  - SOAR platforms (ServiceNow, Splunk SOAR, or similar)
- Experience analyzing logs, network traffic, and endpoint telemetry
- Strong understanding of:
  - Threat intelligence and IOC analysis
  - Malware analysis and forensic techniques
  - MITRE ATT&CK framework

Preferred Qualifications:
- Experience in a SOC, CIRT, or Cyber Defense environment
- Prior leadership, mentoring, or shift lead experience
- Experience with cloud security monitoring (AWS, Azure)
- Scripting experience (Python, PowerShell, Bash)
- Familiarity with digital forensics tools (Autopsy, Volatility, etc.)
- Relevant certifications such as Security+, CySA+, CISSP, GCIH, GCIA, CEH, or similar

Why Join ICS?
- Support a mission-critical federal cyber program
- Work alongside a highly skilled and collaborative SOC team
- Opportunity to step into or expand leadership responsibilities
- Hands-on role with real impact on cyber defense operations

Apply Today: If you're a driven cybersecurity professional ready to lead investigations and make an impact in a mission-focused environment, we'd love to connect.