NIH - Incident Response Analyst

cFocus Software Incorporated

Bethesda, MD(remote)

JOB DETAILS
JOB TYPE
Full-time
SKILLS
Analysis Skills, Background Investigation, CISM - Certified Information Security Manager, CISSP - Certified Information Systems Security Professional, Cloud Applications, Cloud Computing, CompTIA Security+, Computer Forensics, Computer Science, Computer Security, Department of Health and Human Services, Enterprise Protection, GCFA - GIAC Certified Forensic Analyst, GCIA - GIAC Certified Intrusion Analyst, GCIH - GIAC Certified Incident Handler, GSEC - GIAC Security Essentials Certification, Incident Management, Incident Response, Information Technology & Information Systems, Internet Security, Intrusion Detection Systems, Linux Operating System, Malware Analysis, Microsoft Windows Operating System, National Institutes of Health (NIH), Patient Assessment, Position of Public Trust, Root Cause Analysis, Security Attacks, Security Information and Event Management (SIEM), Security Infrastructure, Security Monitoring, U.S. National Institute of Standards and Technology (NIST)
LOCATION
Bethesda, MD
POSTED
13 days ago
cFocus Software seeks a Incident Response Analyst to join our program supporting the National Institutes of Health (NIH). This position is fully remote. This position requires a Public Trust or the ability to obtain a public trust clearance.
Qualifications:
  • Public Trust Clearance
  • B.S. Computer Science, Information Technology, or a related field
  • 5+ years of cybersecurity experience.
  • 5+ years supporting cybersecurity incident response or Security Operations Center (SOC) environments.
  • Experience investigating security incidents across Windows, Linux, cloud, and enterprise networks.
  • Experience with SIEM technologies and security monitoring platforms.
  • Experience performing incident triage and root cause analysis.
  • Knowledge of malware analysis and digital forensics concepts.
  • Understanding of NIST Cybersecurity Framework and NIST SP 800-61 Incident Handling Guide.
  • Ability to obtain and maintain required NIH suitability/background investigation.
  • Active GCIH, GCFA, GCIA, CISSP, CySA+, Security+, CEH, CHFI, CISM, or GSEC

Duties:
  • Monitor security events across the NIH/OD-OIT environment.
  • Detect, analyze, and respond to cybersecurity incidents affecting enterprise systems.
  • Perform incident triage to determine scope, severity, urgency, and operational impact.
  • Support incident containment, eradication, recovery, and restoration activities.
  • Investigate suspected security incidents within established response time requirements.
  • Coordinate incident handling activities with NIH and HHS cybersecurity organizations.
  • Monitor enterprise security logs and alerts.
  • Perform network and host-based intrusion detection.
  • Monitor cloud applications and cloud infrastructure.
  • Support continuous 24x7 security monitoring operations.
  • Identify indicators of compromise (IOCs) and suspicious activity.

Powered by JazzHR

About the Company

c

cFocus Software Incorporated