NIH - SOC Analyst
cFocus Software seeks a SOC Analyst to join our program supporting the National Institutes of Health (NIH). This position is fully remote. It requires a Public Trust clearance or the ability to obtain one.

Qualifications:
Public Trust clearance
B.S. in Computer Science, Information Technology, or a related field
Minimum 2 years of Security Operations Center (SOC) or cybersecurity monitoring experience
Experience monitoring enterprise security environments
Experience investigating cybersecurity incidents
Knowledge of SIEM platforms and security monitoring technologies
Understanding of NIST SP 800-61, Computer Security Incident Handling Guide
Knowledge of the MITRE ATT&CK framework
Ability to obtain and maintain NIH suitability/background investigation

Duties:
Continuously monitor enterprise security systems and Security Operations Center (SOC) dashboards
Analyze security alerts generated by SIEM, IDS/IPS, EDR, cloud security, and network monitoring platforms
Identify indicators of compromise (IOCs) and suspicious activity
Correlate security events across multiple technologies to identify potential cyber threats
Monitor Windows, Linux, cloud, network, and endpoint environments for malicious activity
Perform initial incident triage and classification
Analyze security events to determine severity, scope, impact, and priority
Validate potential security incidents and reduce false positives
Escalate confirmed incidents to Tier 2 and Tier 3 Incident Response personnel
Maintain incident tickets throughout the incident lifecycle