NIH Incident Response Lead


Job Location:

Bethesda, MD - USA

Monthly Salary: Not Disclosed
Posted on: 3 days ago
Vacancies: 1 Vacancy

Job Summary

cFocus Software seeks a Incident Response Lead to join our program supporting the National Institutes of Health (NIH). This position is fully remote. This position requires a Public Trust or the ability to obtain a public trust clearance.
Qualifications:
  • Public Trust Clearance
  • B.S. Computer Science Information Technology or a related field
  • 7 years leading enterprise incident response activities.
  • Experience supporting federal cybersecurity programs and Security Operations Centers.
  • Experience coordinating enterprise cyber investigations involving cloud and hybrid environments.
  • Experience implementing NIST incident response methodologies.
  • Active GCIH GCFA GNFA CISSP CEH CySA Security CISM or CCSP

Duties:
  • Lead enterprise cybersecurity incident response operations across NIH information systems.
  • Direct technical response activities throughout the incident response lifecycle including preparation identification containment eradication recovery and post-incident activities.
  • Coordinate response efforts for high-impact cybersecurity incidents affecting enterprise infrastructure cloud services applications and data.
  • Serve as the primary technical advisor during cybersecurity incidents and major security events.
  • Manage incident prioritization escalation resource coordination and operational communications.
  • Ensure incident response activities comply with NIH policies HHS guidance NIST standards and federal cybersecurity requirements.
  • Lead technical investigations involving malware infections unauthorized access insider threats ransomware phishing campaigns data exfiltration and advanced persistent threats (APTs).
  • Coordinate root cause analysis and determine attack vectors affected assets and operational impact.
  • Analyze indicators of compromise (IOCs) indicators of attack (IOAs) adversary tactics techniques and procedures (TTPs) and attack patterns.
  • Coordinate evidence collection and preservation activities supporting investigations.
  • Validate containment strategies and recovery actions.
  • Ensure accurate documentation of incident timelines findings corrective actions and lessons learned.
  • Coordinate with Security Operations Center analysts during incident detection and response activities.
  • Oversee incident triage escalation procedures and operational communications.
  • Direct coordination between cybersecurity engineers cloud engineers infrastructure teams system owners ISSOs and application administrators.
  • Support continuous monitoring and operational readiness activities.
  • Develop executive incident reports after-action reports technical findings and corrective action recommendations.
  • Prepare briefings for Government leadership regarding significant cybersecurity events.
  • Maintain incident response metrics trends dashboards and performance reporting.
  • Ensure timely reporting in accordance with federal cybersecurity reporting requirements.

Required Experience:

Senior IC

cFocus Software seeks a Incident Response Lead to join our program supporting the National Institutes of Health (NIH). This position is fully remote. This position requires a Public Trust or the ability to obtain a public trust clearance.Qualifications:Public Trust ClearanceB.S. Computer Science Inf...

About Company

Company Logo

Our exclusive ATO as a Serviceā„¢ software & expert services automate FISMA RMF & FedRAMP compliance.

View Profile View Profile