HHS Incident Responder

Rockville, MD - USA

Monthly Salary: Not Disclosed

Posted on: 8 hours ago

Vacancies: 1 Vacancy

Job Summary

cFocus Software seeks a Incident Responder to join our program supporting the Department of Health and Human Services (HHS) This position is remote. This position requires the ability a Public Trust clearance.
Qualifications:

Bachelors degree in Cybersecurity Information Technology Computer Science or related field.
Minimum 47 years of experience in incident response SOC operations or cybersecurity operations.
Hands-on experience responding to enterprise cybersecurity incidents.
Strong understanding of NIST SP 800-61 NIST SP 800-53 and federal incident response requirements.
Experience analyzing logs alerts malware and security events.
Ability to work effectively under pressure during active incidents.
Strong written and verbal communication skills.
Active GCIH CISSP CEH or Security (preferred).

Duties:

Monitor triage and respond to cybersecurity alerts and incidents in accordance with HRSA Incident Response Plans and SOC SOPs.
Perform incident analysis to determine scope impact root cause and affected systems.
Execute containment eradication and recovery actions for cybersecurity incidents.
Respond to malware infections phishing campaigns ransomware insider threats and data breaches.
Collect preserve and analyze evidence in accordance with chain-of-custody requirements.
Support forensic analysis and coordinate with digital forensics and threat hunting teams.
Document incident activities timelines findings and remediation actions within defined SLAs.
Prepare incident reports notifications and after-action reports for HRSA and HHS stakeholders.
Coordinate incident response activities with SOC Analysts ISSOs system owners Privacy Officials and leadership.
Support reporting requirements to HHS CSIRC CISA and other federal entities as required.
Participate in incident response drills tabletop exercises and cyber exercises.
Support continuous improvement of incident response playbooks SOPs and workflows.
Assist with remediation validation and lessons-learned activities following incident closure.

Required Experience:

Senior IC

Bachelors degree in Cybersecurity Information Technology Computer Science or related field.
Minimum 47 years of experience in incident response SOC operations or cybersecurity operations.
Hands-on experience responding to enterprise cybersecurity incidents.
Strong understanding of NIST SP 800-61 NIST SP 800-53 and federal incident response requirements.
Experience analyzing logs alerts malware and security events.
Ability to work effectively under pressure during active incidents.
Strong written and verbal communication skills.
Active GCIH CISSP CEH or Security (preferred).

Duties:

Monitor triage and respond to cybersecurity alerts and incidents in accordance with HRSA Incident Response Plans and SOC SOPs.
Perform incident analysis to determine scope impact root cause and affected systems.
Execute containment eradication and recovery actions for cybersecurity incidents.
Respond to malware infections phishing campaigns ransomware insider threats and data breaches.
Collect preserve and analyze evidence in accordance with chain-of-custody requirements.
Support forensic analysis and coordinate with digital forensics and threat hunting teams.
Document incident activities timelines findings and remediation actions within defined SLAs.
Prepare incident reports notifications and after-action reports for HRSA and HHS stakeholders.
Coordinate incident response activities with SOC Analysts ISSOs system owners Privacy Officials and leadership.
Support reporting requirements to HHS CSIRC CISA and other federal entities as required.
Participate in incident response drills tabletop exercises and cyber exercises.
Support continuous improvement of incident response playbooks SOPs and workflows.
Assist with remediation validation and lessons-learned activities following incident closure.