The Role
Monitor enterprise security systems, analyze alerts from SIEM/IDS/EDR/cloud/network platforms, identify IOCs, perform initial incident triage and classification, validate incidents, reduce false positives, escalate confirmed incidents, and maintain incident tickets through the lifecycle.
cFocus Software seeks a SOC Analyst to join our program supporting the National Institutes of Health (NIH). This position is fully remote. This position requires a Public Trust clearance or the ability to obtain one.
Qualifications:
- Public Trust Clearance
- B.S. in Computer Science, Information Technology, or a related field
- Minimum 2 years of Security Operations Center (SOC) or cybersecurity monitoring experience
- Experience monitoring enterprise security environments
- Experience investigating cybersecurity incidents
- Knowledge of SIEM platforms and security monitoring technologies
- Understanding of NIST SP 800-61 Computer Security Incident Handling Guide
- Knowledge of MITRE ATT&CK Framework
- Ability to obtain and maintain NIH suitability/background investigation
Duties:
- Continuously monitor enterprise security systems and Security Operations Center (SOC) dashboards
- Analyze security alerts generated by SIEM, IDS/IPS, EDR, cloud security, and network monitoring platforms
- Identify indicators of compromise (IOCs) and suspicious activity
- Correlate security events across multiple technologies to identify potential cyber threats
- Monitor Windows, Linux, cloud, network, and endpoint environments for malicious activity
- Perform initial incident triage and classification
- Analyze security events to determine severity, scope, impact, and priority
- Validate potential security incidents and reduce false positives
- Escalate confirmed incidents to Tier 2 and Tier 3 Incident Response personnel
- Maintain incident tickets throughout the incident lifecycle
The Company
What We Do
Established in 2006, cFocus Software automates FedRAMP compliance and develops government chatbots for the Azure Government Cloud, Office 365, and SharePoint. cFocus Software is the exclusive vendor of ATO (Authority To Operate) as a Service™, which automates FedRAMP compliance for the Azure Government Cloud and Office 365. Contact Us for a demo of ATO as a Service™ or a FREE government chatbot proof of concept project today!