NIH - Incident Response Analyst
Remote
Full Time
NIH - ISPSS
Experienced
cFocus Software seeks an Incident Response Analyst to join our program supporting the National Institutes of Health (NIH). This position is fully remote. This position requires a Public Trust clearance or the ability to obtain a Public Trust clearance.
Qualifications:
- Public Trust Clearance
- B.S. Computer Science, Information Technology, or a related field
- 5+ years of cybersecurity experience.
- 5+ years supporting cybersecurity incident response or Security Operations Center (SOC) environments.
- Experience investigating security incidents across Windows, Linux, cloud, and enterprise networks.
- Experience with SIEM technologies and security monitoring platforms.
- Experience performing incident triage and root cause analysis.
- Knowledge of malware analysis and digital forensics concepts.
- Understanding of NIST Cybersecurity Framework and NIST SP 800-61 Incident Handling Guide.
- Ability to obtain and maintain required NIH suitability/background investigation.
- Active GCIH, GCFA, GCIA, CISSP, CySA+, Security+, CEH, CHFI, CISM, or GSEC
Duties:
- Monitor security events across the NIH/OD-OIT environment.
- Detect, analyze, and respond to cybersecurity incidents affecting enterprise systems.
- Perform incident triage to determine scope, severity, urgency, and operational impact.
- Support incident containment, eradication, recovery, and restoration activities.
- Investigate suspected security incidents within established response time requirements.
- Coordinate incident handling activities with NIH and HHS cybersecurity organizations.
- Monitor enterprise security logs and alerts.
- Perform network and host-based intrusion detection.
- Monitor cloud applications and cloud infrastructure.
- Support continuous 24x7 security monitoring operations.
- Identify indicators of compromise (IOCs) and suspicious activity.