NIH Security Operations Firewall Analyst

Rockville, MD - USA

Monthly Salary: Not Disclosed

Posted on: 2 days ago

Vacancies: 1 Vacancy

Job Summary

cFocus Software seeks a Security Operations / Firewall Analyst to join our program supporting the National Institutes of Health (NIH). This position is remote. This position requires a Public Trust clearance.
Qualifications:

Bachelors degree in Cybersecurity Information Technology Computer Science or a related discipline.
Minimum 35 years of experience supporting security operations network security monitoring or firewall administration.
Experience with SIEM platforms and cybersecurity monitoring tools.
Familiarity with IDS/IPS systems endpoint security solutions and network security technologies.
Experience supporting firewall administration and rule management.
Understanding of federal cybersecurity frameworks such as NIST RMF and FISMA.
Strong analytical troubleshooting and documentation skills.

Duties:

Monitor cybersecurity tools and alerts to detect and respond to potential security incidents.
Support Security Operations Center (SOC) activities including threat monitoring and alert analysis.
Assist with firewall configuration rule management and network segmentation enforcement.
Analyze system and network logs to identify suspicious or unauthorized activities.
Coordinate with cybersecurity teams to respond to incidents and mitigate vulnerabilities.
Monitor SIEM platforms IDS/IPS systems endpoint protection tools and other security monitoring systems.
Investigate security alerts and escalate incidents based on severity and impact.
Perform analysis of network traffic and endpoint telemetry to identify indicators of compromise.
Track and document incident investigations and response activities.
Provide operational monitoring support during high-volume security events or incidents.
Manage firewall rules to enforce least privilege and default-deny access policies.
Support configuration management and change control processes for firewall rule updates.
Conduct routine firewall rule reviews to identify obsolete or unnecessary access rules.
Validate firewall configurations and ensure compliance with HHS and NIH security standards.
Support network segmentation and security zone management to protect sensitive systems.
Validate and monitor logs generated by network and security devices.
Ensure logging configurations comply with federal cybersecurity guidance including OMB M-21-31.
Analyze log data to identify anomalies policy violations or indicators of malicious activity.
Assist with cybersecurity compliance activities and audit preparation.

Required Experience:

Senior IC

Bachelors degree in Cybersecurity Information Technology Computer Science or a related discipline.
Minimum 35 years of experience supporting security operations network security monitoring or firewall administration.
Experience with SIEM platforms and cybersecurity monitoring tools.
Familiarity with IDS/IPS systems endpoint security solutions and network security technologies.
Experience supporting firewall administration and rule management.
Understanding of federal cybersecurity frameworks such as NIST RMF and FISMA.
Strong analytical troubleshooting and documentation skills.

Duties:

Monitor cybersecurity tools and alerts to detect and respond to potential security incidents.
Support Security Operations Center (SOC) activities including threat monitoring and alert analysis.
Assist with firewall configuration rule management and network segmentation enforcement.
Analyze system and network logs to identify suspicious or unauthorized activities.
Coordinate with cybersecurity teams to respond to incidents and mitigate vulnerabilities.
Monitor SIEM platforms IDS/IPS systems endpoint protection tools and other security monitoring systems.
Investigate security alerts and escalate incidents based on severity and impact.
Perform analysis of network traffic and endpoint telemetry to identify indicators of compromise.
Track and document incident investigations and response activities.
Provide operational monitoring support during high-volume security events or incidents.
Manage firewall rules to enforce least privilege and default-deny access policies.
Support configuration management and change control processes for firewall rule updates.
Conduct routine firewall rule reviews to identify obsolete or unnecessary access rules.
Validate firewall configurations and ensure compliance with HHS and NIH security standards.
Support network segmentation and security zone management to protect sensitive systems.
Validate and monitor logs generated by network and security devices.
Ensure logging configurations comply with federal cybersecurity guidance including OMB M-21-31.
Analyze log data to identify anomalies policy violations or indicators of malicious activity.
Assist with cybersecurity compliance activities and audit preparation.