NIH - Incident Response Analyst
cFocus Software seeks a Incident Response Analyst to join our program supporting the National Institutes of Health (NIH). This position is fully remote. This position requires a Public Trust or the ability to obtain a public trust clearance. Qualifications:Public Trust Clearance B.S. Computer Science, Information Technology, or a related field 5+ years of cybersecurity experience. 5+ years supporting cybersecurity incident response or Security Operations Center (SOC) environments. Experience investigating security incidents across Windows, Linux, cloud, and enterprise networks. Experience with SIEM technologies and security monitoring platforms. Experience performing incident triage and root cause analysis. Knowledge of malware analysis and digital forensics concepts. Understanding of NIST Cybersecurity Framework and NIST SP 800-61 Incident Handling Guide. Ability to obtain and maintain required NIH suitability/background investigation. Active GCIH, GCFA, GCIA, CISSP, CySA+, Security+, CEH, CHFI, CISM, or GSEC Duties:Monitor security events across the NIH/OD-OIT environment. Detect, analyze, and respond to cybersecurity incidents affecting enterprise systems. Perform incident triage to determine scope, severity, urgency, and operational impact. Support incident containment, eradication, recovery, and restoration activities. Investigate suspected security incidents within established response time requirements. Coordinate incident handling activities with NIH and HHS cybersecurity organizations. Monitor enterprise security logs and alerts. Perform network and host-based intrusion detection. Monitor cloud applications and cloud infrastructure. Support continuous 24x7 security monitoring operations. Identify indicators of compromise (IOCs) and suspicious activity.