top of page

Cybersecurity CND-SP Incident Responder

Candidates must have an active DoD TS/SCI clearance, with the ability to pass a polygraph exam.

IC-CAP is an IT/Analytics services company located in Washington, DC. We are focused on improving the practice of intelligence analysis through the preparation of data, enhanced visualizations, and the development of an enhanced analytical workforce. Our members are our greatest assets, and we offer greater career potential and work-life balance through our approach to career growth, training, mentorship, and our variable benefits package.

Are you an experienced Cybersecurity CND-SP Incident Responder passionate about the security and defense of the United States? Interested in working for a company driven to improve our country’s intelligence and defense capabilities through technology?

Responsible for strengthening the defensive posture and cyber defense operational readiness of an IT Enterprise, our Enterprise Cyber Network Defense (ECND) program defends and protects Government assets from external Cyber Security attacks and Insider Threats that can potentially cause or create data, systems, networks, and personnel vulnerabilities.


  • Performing Tier 1 Computer Security Incident Response activities for a large organization that involves coordinating with other government agencies to record and report incidents.

  • Improving the detection, escalation, containment, and resolution of malware incidents.

  • Communicating alerts to agencies regarding intrusions and compromises to their network infrastructure, applications, and operating systems.

  • Evaluating and analysis complex malicious binaries and exploits improve defenses and awareness.

  • Identifying requirements for new malware analysis capabilities, and contribute to the development of new malware analysis tools and techniques.

  • Investigating instances of malicious code to determine attack vector, payload, and the extent of damage and data exfiltration.

  • Performing forensic analysis on system memory, hard drives, and network traffic.

  • Scripting whenever required achieving short/long term requirements.

  • Providing guidance and work leadership to less-experienced technical staff members, and may have supervisory responsibilities.

  • Maintaining current knowledge of relevant technology as assigned.

  • Participating in special projects as required.

  • May serve as a technical team or task leader.


  • Malware analysis, reverse engineering, threat intelligence, and signature development tools (OllyDbg, IDA Pro, WinDbg, Maltego, YARA, Snort).

  • An understanding of programming (C/C++, Assembly, Java), web (PHP, JavaScript) languages, as well as the ability to utilize scripting languages (Python) for incident handling and development purposes.

  • Knowledgeable in network analysis and monitoring (Wireshark, Sourcefire, Fidelis, FireEye)

  • Experience in multimedia forensics (EnCase, FTK, Paraben, Cellebrite, Active Defense)

  • Intrusion Prevention Systems (Tipping Point, Websense, Dragon).

  • Familiarity with passive DNS.

Job Type: Full-time

Salary: $90,000.00 to $125,000.00 /year

Position may require evening, weekend or shift-work (depending on operational tempo).

If this sounds like you or you know someone who would be a solid fit, let's talk! Send us your resume and a bit about yourself!

bottom of page