NIH - Incident Response Analyst
cFocus Software Incorporated · Bethesda, MD · 2 wk ago
RemoteRemoteEducationFull-time
Qualifications
- Public Trust Clearance
- B.S. in Computer Science, Information Technology, or a related field
- 5+ years of cybersecurity experience
- 5+ years supporting cybersecurity incident response or Security Operations Center (SOC) environments
- Experience investigating security incidents across Windows, Linux, cloud, and enterprise networks
- Experience with SIEM technologies and security monitoring platforms
- Experience performing incident triage and root cause analysis
- Knowledge of malware analysis and digital forensics concepts
- Understanding of NIST Cybersecurity Framework and NIST SP 800-61 Incident Handling Guide
- Ability to obtain and maintain required NIH suitability/background investigation
- Active GCIH, GCFA, GCIA, CISSP, CySA+, Security+, CEH, CHFI, CISM, or GSEC
Duties
- Monitor security events across the NIH/OD-OIT environment
- Detect, analyze, and respond to cybersecurity incidents affecting enterprise systems
- Perform incident triage to determine scope, severity, urgency, and operational impact
- Support incident containment, eradication, recovery, and restoration activities
- Investigate suspected security incidents within established response time requirements
- Cook up incident handling activities with NIH and HHS cybersecurity organizations
- Maintain monitoring of enterprise security logs and alerts
- Perform network and host-based intrusion detection
- Maintain monitoring of cloud applications and cloud infrastructure
- Support continuous 24x7 security monitoring operations
- Identify indicators of compromise (IOCs) and suspicious activity