The Role
Monitor and analyze security events across NIH environments, detect and respond to incidents, perform triage and root cause analysis, support containment/eradication/recovery, investigate incidents across endpoints, networks and cloud, and coordinate response with NIH/HHS teams while maintaining 24x7 monitoring operations.
cFocus Software seeks an Incident Response Analyst to join our program supporting the National Institutes of Health (NIH). This position is fully remote. This position requires a Public Trust clearance or the ability to obtain one.
Qualifications:
- Public Trust Clearance.
- B.S. Computer Science, Information Technology, or a related field.
- 5+ years of cybersecurity experience.
- 5+ years supporting cybersecurity incident response or Security Operations Center (SOC) environments.
- Experience investigating security incidents across Windows, Linux, cloud, and enterprise networks.
- Experience with SIEM technologies and security monitoring platforms.
- Experience performing incident triage and root cause analysis.
- Knowledge of malware analysis and digital forensics concepts.
- Understanding of NIST Cybersecurity Framework and NIST SP 800-61 Incident Handling Guide.
- Ability to obtain and maintain required NIH suitability/background investigation.
- Active GCIH, GCFA, GCIA, CISSP, CySA+, Security+, CEH, CHFI, CISM, or GSEC.
Duties:
- Monitor security events across the NIH/OD-OIT environment.
- Detect, analyze, and respond to cybersecurity incidents affecting enterprise systems.
- Perform incident triage to determine scope, severity, urgency, and operational impact.
- Support incident containment, eradication, recovery, and restoration activities.
- Investigate suspected security incidents within established response time requirements.
- Coordinate incident handling activities with NIH and HHS cybersecurity organizations.
- Monitor enterprise security logs and alerts.
- Perform network and host-based intrusion detection.
- Monitor cloud applications and cloud infrastructure.
- Support continuous 24x7 security monitoring operations.
- Identify indicators of compromise (IOCs) and suspicious activity.
Skills Required
- Public Trust clearance or ability to obtain one
- B.S. in Computer Science, Information Technology, or related field
- 5+ years of cybersecurity experience
- 5+ years supporting incident response or SOC environments
- Experience investigating incidents across Windows, Linux, cloud, and enterprise networks
- Experience with SIEM technologies and security monitoring platforms
- Experience performing incident triage and root cause analysis
- Knowledge of malware analysis and digital forensics concepts
- Understanding of NIST Cybersecurity Framework and NIST SP 800-61
- Ability to obtain and maintain required NIH suitability/background investigation
- Active GCIH, GCFA, GCIA, CISSP, CySA+, Security+, CEH, CHFI, CISM, or GSEC
The Company
What We Do
Established in 2006, cFocus Software automates FedRAMP compliance and develops government chatbots for the Azure Government Cloud, Office 365, and SharePoint. cFocus Software is the exclusive vendor of ATO (Authority To Operate) as a Service™, which automates FedRAMP compliance for the Azure Government Cloud and Office 365. Contact Us for a demo of ATO as a Service™ or a FREE government chatbot proof of concept project today!







