Home › Companies › Careers Peraton Icims Com › CIRT Tier 2 Analyst

CIRT Tier 2 Analyst

Careers Peraton Icims Com · Beltsville, MD, US · On Site · Active · $80,000–$128,000 / day · iCIMS

Job facts

Field	Value
Company	Careers Peraton Icims Com
Title	CIRT Tier 2 Analyst
Normalized title	-
Department / team	Information Technology
Location	Beltsville, MD, United States
Work model	On Site
Employment type	Full Time
Salary	$80,000–$128,000 / day
Status	active
ATS provider	iCIMS
Posted / first seen	2026-03-25 / 2026-05-31
Changed / last seen	2026-06-01 / 2026-06-17

Related slices

Page	What it contains	Open
Company jobs	Active postings from Careers Peraton Icims Com.	Open
Company breakdowns	Role, location, ATS, and work model facets for this company.	Open
ATS provider jobs	Active postings observed through iCIMS.	Open
Provider filtered search	The same provider as a filtered job collection.	Open
City jobs	Active postings in Beltsville.	Open
Department jobs	Active postings in Information Technology.	Open
Work model jobs	Active On Site postings.	Open
Lifecycle events	Open, update, close, and reopen events for this posting.	Open
Original posting	Canonical source or apply URL captured from the ATS.	Open

Linked records

Company	Careers Peraton Icims Com
Source	944b3981-c90b-4379-a0d8-7cc8e4e36cf3
ATS provider	iCIMS

Description

Responsibilities Peraton is seeking an experienced CIRT Tier 2 Analyst to join Peratons' Federal Strategic Cyber Mission program. Location: Beltsville, MD; On-site Work Hours: Mid Shift, 22:00– 6:00 EST, SUN-THU. In this role, you will: Detect, classify, process, track, and report on cyber security events and incidents. Perform advanced in-depth analysis of coordinated Tier 1 alert triage and requests in a 24x7x365 environment. Analyze logs from multiple sources (e.g., host logs, EDR, firewalls, intrusion detection systems, servers) to identify, contain, and remediate suspicious activity. Characterize and analyze network traffic to identify anomalous activity and potential threats. Protect against and prevent potential cyber security threats and vulnerabilities. Perform forensic analysis of hosts artifacts, network traffic, and email content. Analyze malicious scripts and code to mitigate potential threats. Conduct malware analysis to generate IOCs to identify and mitigate threats. Collaborate with Department of State teams to analyze and respond to events and incidents. Monitor and respond to the CIRT Security Orchestration and Automation Response (SOAR) platform, hotline, email in-boxes. Create tickets and initiate workflows as instructed in technical SOPs. Coordinate and report incident information to the Cybersecurity and Infrastructure Security Agency (CISA). Collaborate with other local, national and international CIRTs as directed. Submit alert tuning requests. Qualifications Required: Bachelor's degree and at least 2 years of experience or a High School diploma and 6 years of experience. Must possess or be able to obtain at least one of the following certifications before start date. Continued certification required as a condition of employment: CCNA-SecurityCNDCySA+ GICSPGSECSecurity+ CESSCP Continued certification is required as a condition of employment. Demonstrated experience in the Incident Response lifecycle. Knowledge of SOAR ticketing and automated response systems (e.g. ServiceNow, Splunk SOAR, Microsoft Sentinel). Demonstrated experience with using Security Information and Event Management (SIEM) platforms (e.g. Splunk, Microsoft Sentinel, Elastic, Q-Radar). Demonstrated experience in using Endpoint Detection and Response systems (e.g. MDE, ElasticXDR, CarbonBlack, Crowdstrike). Knowledge of cloud security monitoring and incident response. Knowledge of integrating IOCs and Advanced Persistent Threat actors. Ability to analyze cyber threat intelligence reporting and understanding adversary methodologies and techniques. Knowledge of malware analysis techniques. Knowledge of the MITRE ATT&CK and D3FEND frameworks. U.S. Citizenship required. Active Secret security clearance required in order to start. Preferred: Proficiency with Splunk for security monitoring, alert creation, and threat hunting. Knowledge of Microsoft Azure access and identity management. Proficiency with Microsoft Defender for Endpoint and Identity for security monitoring, response, and alert generations. Experience in using digital forensics collection and analysis tools (e.g. Autopsy, MagnetForensics, ZimmermanTools, KAPE, CyLR, Volatility). Experience with using ServiceNow SOAR for ticketing and automated response. Knowledge of Python, PowerShell and BASH scripting languages. Experience with cloud security monitoring and incident response. Demonstrated ability to perform static/dynamic malware analysis and reverse engineering. Experience with integrating cyber threat intelligence and IOC-based hunting. Technical certifications such as: Security+, CySA+, Cloud+, Try Hack Me SAL1, Hack the Box CDSA, CyberDefenders, CCD, Azure SC-900, CCSP, GCIH, CCSK, GSEC, CHFI, GCLD, GCIA. Advanced technical certifications such as: SecurityX/CASP+, PRMP, GREM, GEIR, GNFA, or GCFA. Peraton Overview Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we’re keeping people around the world safe and secure. Target Salary Range $80,000 - $128,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual’s experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay. EEO EEO: Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.

Full job record

Job ID	20301b3ca0ebf7dfeaf088b353820276d73b02f6
Org ID	b88db125-2f81-4362-9897-a29d0e7de670
Source ID	944b3981-c90b-4379-a0d8-7cc8e4e36cf3
Board ID	944b3981-c90b-4379-a0d8-7cc8e4e36cf3
Provider	icims
Provider Job Key	164926
Title	CIRT Tier 2 Analyst
Normalized Title	—
Status	active
Active	yes
Location Text	Beltsville, MD, US
Department	Information Technology
Team	—
Employment Type	full_time
Workplace Type	on_site
Remote Policy	—
Country	United States
Region	MD
City	Beltsville
Salary Raw	Responsibilities Peraton is seeking an experienced CIRT Tier 2 Analyst to join Peratons' Federal Strategic Cyber Mission program. Location: Beltsville, MD; On-site Work Hours: Mid Shift, 22:00– 6:00 EST, SUN-THU. In this role, you will: Detect, classify, process, track, and report on cyber security events and incidents. Perform advanced in-depth analysis of coordinated Tier 1 alert triage and requests in a 24x7x365 environment. Analyze logs from multiple sources (e.g., host logs, EDR, firewalls, intrusion detection systems, servers) to identify, contain, and remediate suspicious activity. Characterize and analyze network traffic to identify anomalous activity and potential threats. Protect against and prevent potential cyber security threats and vulnerabilities. Perform forensic analysis of hosts artifacts, network traffic, and email content. Analyze malicious scripts and code to mitigate potential threats. Conduct malware analysis to generate IOCs to identify and mitigate threats. Collaborate with Department of State teams to analyze and respond to events and incidents. Monitor and respond to the CIRT Security Orchestration and Automation Response (SOAR) platform, hotline, email in-boxes. Create tickets and initiate workflows as instructed in technical SOPs. Coordinate and report incident information to the Cybersecurity and Infrastructure Security Agency (CISA). Collaborate with other local, national and international CIRTs as directed. Submit alert tuning requests. Qualifications Required: Bachelor's degree and at least 2 years of experience or a High School diploma and 6 years of experience. Must possess or be able to obtain at least one of the following certifications before start date. Continued certification required as a condition of employment: CCNA-SecurityCNDCySA+ GICSPGSECSecurity+ CESSCP Continued certification is required as a condition of employment. Demonstrated experience in the Incident Response lifecycle. Knowledge of SOAR ticketing and automated response systems (e.g. ServiceNow, Splunk SOAR, Microsoft Sentinel). Demonstrated experience with using Security Information and Event Management (SIEM) platforms (e.g. Splunk, Microsoft Sentinel, Elastic, Q-Radar). Demonstrated experience in using Endpoint Detection and Response systems (e.g. MDE, ElasticXDR, CarbonBlack, Crowdstrike). Knowledge of cloud security monitoring and incident response. Knowledge of integrating IOCs and Advanced Persistent Threat actors. Ability to analyze cyber threat intelligence reporting and understanding adversary methodologies and techniques. Knowledge of malware analysis techniques. Knowledge of the MITRE ATT&CK and D3FEND frameworks. U.S. Citizenship required. Active Secret security clearance required in order to start. Preferred: Proficiency with Splunk for security monitoring, alert creation, and threat hunting. Knowledge of Microsoft Azure access and identity management. Proficiency with Microsoft Defender for Endpoint and Identity for security monitoring, response, and alert generations. Experience in using digital forensics collection and analysis tools (e.g. Autopsy, MagnetForensics, ZimmermanTools, KAPE, CyLR, Volatility). Experience with using ServiceNow SOAR for ticketing and automated response. Knowledge of Python, PowerShell and BASH scripting languages. Experience with cloud security monitoring and incident response. Demonstrated ability to perform static/dynamic malware analysis and reverse engineering. Experience with integrating cyber threat intelligence and IOC-based hunting. Technical certifications such as: Security+, CySA+, Cloud+, Try Hack Me SAL1, Hack the Box CDSA, CyberDefenders, CCD, Azure SC-900, CCSP, GCIH, CCSK, GSEC, CHFI, GCLD, GCIA. Advanced technical certifications such as: SecurityX/CASP+, PRMP, GREM, GEIR, GNFA, or GCFA. Peraton Overview Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we’re keeping people around the world safe and secure. Target Salary Range $80,000 - $128,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual’s experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay. EEO EEO: Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.
Salary Min	80,000
Salary Max	128,000
Salary Currency	USD
Salary Period	day
Source URL	https://careers-peraton.icims.com/jobs/164926/cirt-tier-2-analyst/job
Apply URL	https://careers-peraton.icims.com/jobs/164926/cirt-tier-2-analyst/job
First Seen At	2026-05-31 18:45:22Z
Last Seen At	2026-06-17 08:33:07Z
Last Checked At	2026-06-17 08:33:07Z
Last Changed At	2026-06-01 13:53:09Z
Inactive At	—
Source Posted At	2026-03-25 04:00:00Z
Source Updated At	2026-05-28 13:03:26Z
Raw Payload Uri	s3://job-postings-prod-raw-590183727216/raw/provider=icims/board=careers-peraton.icims.com/date=2026-06-17/2026-06-17T08-32-01-244Z-0307d191518d449ea40985e89b4052dfc57f5fb3e8aa1cf5718509a0edca2978.json

Event Fields

{
  "content_hash": "0d40eec2305c5f0c75a57091d4ca0848582c2a0ca4f224306d7868ecbb5b2241",
  "source_hash": "0a1f2d7ad7fa04e0e5dbee607c2058ba1af2787024c9ec4d03ca32d0ab276b98",
  "last_changed_at": "2026-06-01T13:53:09.581Z",
  "active_status": "active"
}

Parsed Structured

{
  "language": "en",
  "location": {
    "raw": "Beltsville, MD, US",
    "city": "Beltsville",
    "region": "MD",
    "country": "United States",
    "is_remote": false,
    "confidence": 0.8
  },
  "salary_max": 128000,
  "salary_min": 80000,
  "inferred_at": "2026-06-17T08:33:06.683Z",
  "launch_scope": {
    "reason": "english_us_canada",
    "included": true,
    "language": "en",
    "location": {
      "raw": "Beltsville, MD, US",
      "city": "Beltsville",
      "region": "MD",
      "country": "United States",
      "is_remote": false,
      "confidence": 0.8
    },
    "countries": [
      "United States"
    ]
  },
  "remote_policy": null,
  "salary_period": "day",
  "workplace_type": "on_site",
  "salary_currency": "USD"
}

Extensions

{}

Native Structured

{
  "json_ld": {
    "url": "https://careers-peraton.icims.com/jobs/164926/cirt-tier-2-analyst/job",
    "@type": "JobPosting",
    "title": "CIRT Tier 2 Analyst",
    "@context": "http://schema.org",
    "datePosted": "2026-03-25T04:00:00.000Z",
    "description": "<h2>Responsibilities</h2>\n<p>Peraton is seeking an experienced <strong>CIRT Tier 2 Analyst</strong> to join Peratons' Federal Strategic Cyber Mission program.</p>\n<p> </p>\n<p><strong>Location:</strong> Beltsville, MD; On-site</p>\n<p> </p>\n<p><strong>Work Hours:</strong> Mid Shift, 22:00– 6:00 EST, SUN-THU.</p>\n<p> </p>\n<p><strong>In this role, you will:</strong></p>\n<ul>\n <li>Detect, classify, process, track, and report on cyber security events and incidents.</li>\n <li>Perform advanced in-depth analysis of coordinated Tier 1 alert triage and requests in a 24x7x365 environment.</li>\n <li>Analyze logs from multiple sources (e.g., host logs, EDR, firewalls, intrusion detection systems, servers) to identify, contain, and remediate suspicious activity.</li>\n <li>Characterize and analyze network traffic to identify anomalous activity and potential threats.</li>\n <li>Protect against and prevent potential cyber security threats and vulnerabilities.</li>\n <li>Perform forensic analysis of hosts artifacts, network traffic, and email content.</li>\n <li>Analyze malicious scripts and code to mitigate potential threats.</li>\n <li>Conduct malware analysis to generate IOCs to identify and mitigate threats.</li>\n <li>Collaborate with Department of State teams to analyze and respond to events and incidents.</li>\n <li>Monitor and respond to the CIRT Security Orchestration and Automation Response (SOAR) platform, hotline, email in-boxes.</li>\n <li>Create tickets and initiate workflows as instructed in technical SOPs.</li>\n <li>Coordinate and report incident information to the Cybersecurity and Infrastructure Security Agency (CISA).</li>\n <li>Collaborate with other local, national and international CIRTs as directed.</li>\n <li>Submit alert tuning requests.</li>\n</ul>\n<h2>Qualifications</h2>\n<p><strong>Required:</strong></p>\n<ul>\n <li>Bachelor's degree and at least 2 years of experience or a High School diploma and 6 years of experience.</li>\n <li>Must possess or be able to obtain at least one of the following certifications before start date. Continued certification required as a condition of employment:\n  <ul>\n   <li>CCNA-SecurityCNDCySA+ GICSPGSECSecurity+ CESSCP</li>\n  </ul></li>\n <li>Continued certification is required as a condition of employment.</li>\n <li>Demonstrated experience in the Incident Response lifecycle.</li>\n <li>Knowledge of SOAR ticketing and automated response systems (e.g. ServiceNow, Splunk SOAR, Microsoft Sentinel).</li>\n <li>Demonstrated experience with using Security Information and Event Management (SIEM) platforms (e.g. Splunk, Microsoft Sentinel, Elastic, Q-Radar).</li>\n <li>Demonstrated experience in using Endpoint Detection and Response systems (e.g. MDE, ElasticXDR, CarbonBlack, Crowdstrike).</li>\n <li>Knowledge of cloud security monitoring and incident response.</li>\n <li>Knowledge of integrating IOCs and Advanced Persistent Threat actors.</li>\n <li>Ability to analyze cyber threat intelligence reporting and understanding adversary methodologies and techniques. </li>\n <li>Knowledge of malware analysis techniques.</li>\n <li>Knowledge of the MITRE ATT&CK and D3FEND frameworks.</li>\n <li>U.S. Citizenship required.</li>\n <li>Active Secret security clearance required in order to start.</li>\n</ul>\n<p><strong>Preferred:</strong></p>\n<ul>\n <li>Proficiency with Splunk for security monitoring, alert creation, and threat hunting.</li>\n <li>Knowledge of Microsoft Azure access and identity management.</li>\n <li>Proficiency with Microsoft Defender for Endpoint and Identity for security monitoring, response, and alert generations.</li>\n <li>Experience in using digital forensics collection and analysis tools (e.g. Autopsy, MagnetForensics, Zimmerman\u0002Tools, KAPE, CyLR, Volatility).</li>\n <li>Experience with using ServiceNow SOAR for ticketing and automated response.</li>\n <li>Knowledge of Python, PowerShell and BASH scripting languages.</li>\n <li>Experience with cloud security monitoring and incident response.</li>\n <li>Demonstrated ability to perform static/dynamic malware analysis and reverse engineering.</li>\n <li>Experience with integrating cyber threat intelligence and IOC-based hunting.</li>\n <li>Technical certifications such as: Security+, CySA+, Cloud+, Try Hack Me SAL1, Hack the Box CDSA, CyberDefenders, CCD, Azure SC-900, CCSP, GCIH, CCSK, GSEC, CHFI, GCLD, GCIA.</li>\n <li>Advanced technical certifications such as: SecurityX/CASP+, PRMP, GREM, GEIR, GNFA, or GCFA.</li>\n</ul>\n<h2>Peraton Overview</h2>\n<p>Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we’re keeping people around the world safe and secure.</p>\n<h2>Target Salary Range</h2>$80,000 - $128,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual’s experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.\n<h2>EEO</h2>EEO: Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.",
    "directApply": true,
    "jobLocation": [
      {
        "@type": "Place",
        "address": {
          "@type": "PostalAddress",
          "postalCode": "UNAVAILABLE",
          "addressRegion": "MD",
          "streetAddress": "UNAVAILABLE",
          "addressCountry": "US",
          "addressLocality": "Beltsville",
          "postOfficeBoxNumber": "UNAVAILABLE"
        }
      }
    ],
    "validThrough": "2027-03-25T04:00:00.000Z",
    "employmentType": "FULL_TIME",
    "hiringOrganization": {
      "name": "Peraton",
      "@type": "Organization",
      "sameAs": "UNAVAILABLE"
    },
    "occupationalCategory": "Information Technology"
  },
  "detail_meta": {
    "url": "https://careers-peraton.icims.com/jobs/164926/cirt-tier-2-analyst/job?in_iframe=1",
    "http_status": 200,
    "content_type": "text/html;charset=UTF-8",
    "response_bytes": 40402,
    "compact_response_bytes": 7025,
    "original_response_bytes": 40402
  },
  "sitemap_job": {
    "id": "164926",
    "url": "https://careers-peraton.icims.com/jobs/164926/cirt-tier-2-analyst/job",
    "slug": "cirt-tier-2-analyst",
    "lastmod": "2026-05-28T09:03:26-04:00"
  },
  "detail_errors": []
}

Get this page with API

Rendered from the bluedoor Job Postings API. Reproduce it:

GET https://api.bluedoor.sh/job-postings/v1/jobs/20301b3ca0ebf7dfeaf088b353820276d73b02f6?include=descriptionJSON

GET https://api.bluedoor.sh/job-postings/v1/orgs/b88db125-2f81-4362-9897-a29d0e7de670JSON

GET https://api.bluedoor.sh/job-postings/v1/sources/944b3981-c90b-4379-a0d8-7cc8e4e36cf3JSON

GET https://api.bluedoor.sh/job-postings/v1/jobs/20301b3ca0ebf7dfeaf088b353820276d73b02f6/eventsJSON

Docs · Get an API key