NIH - Security Operations / Firewall Analyst
Location
United States
Posted
2 days ago
Salary
Not specified
Seniority
Mid Level
Job Description
Qualifications:
- Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related discipline.
- Minimum 3–5 years of experience supporting security operations, network security monitoring, or firewall administration.
- Experience with SIEM platforms and cybersecurity monitoring tools.
- Familiarity with IDS/IPS systems, endpoint security solutions, and network security technologies.
- Experience supporting firewall administration and rule management.
- Understanding of federal cybersecurity frameworks such as NIST RMF and FISMA.
- Strong analytical, troubleshooting, and documentation skills.
- Monitor cybersecurity tools and alerts to detect and respond to potential security incidents.
- Support Security Operations Center (SOC) activities including threat monitoring and alert analysis.
- Assist with firewall configuration, rule management, and network segmentation enforcement.
- Analyze system and network logs to identify suspicious or unauthorized activities.
- Coordinate with cybersecurity teams to respond to incidents and mitigate vulnerabilities.
- Monitor SIEM platforms, IDS/IPS systems, endpoint protection tools, and other security monitoring systems.
- Investigate security alerts and escalate incidents based on severity and impact.
- Perform analysis of network traffic and endpoint telemetry to identify indicators of compromise.
- Track and document incident investigations and response activities.
- Provide operational monitoring support during high-volume security events or incidents.
- Manage firewall rules to enforce least privilege and default-deny access policies.
- Support configuration management and change control processes for firewall rule updates.
- Conduct routine firewall rule reviews to identify obsolete or unnecessary access rules.
- Validate firewall configurations and ensure compliance with HHS and NIH security standards.
- Support network segmentation and security zone management to protect sensitive systems.
- Validate and monitor logs generated by network and security devices.
- Ensure logging configurations comply with federal cybersecurity guidance including OMB M-21-31.
- Analyze log data to identify anomalies, policy violations, or indicators of malicious activity.
- Assist with cybersecurity compliance activities and audit preparation.
Related Guides
Related Categories
Related Job Pages
More Security Operations Jobs
This role focuses on leading and supporting end-to-end security incident investigations, ensuring processes are followed, evidence is preserved, and risks are understood. The lead will also coordinate crisis execution during major incidents, translating technical findings for various stakeholders.
This role involves leading the technical merger of acquired entities into a hardened Microsoft 365 tenant, owning IAM systems like Okta, and managing SaaS governance and endpoint automation. Additionally, the manager will act as the primary contact for the MSSP, oversee security operations, and document compliance requirements for FedRAMP and NIST 800-171.
Investigations Specialist (Home-Based) (Open to Tier 1 and 2)
UNDPUN Women works for the elimination of discrimination against women and girls; the empowerment of women; and the achievement of equality between women and men as partners and beneficiaries of development, human rights, humanitarian action and peace and security.
The specialist will conduct highly complex investigations into allegations of fraud, abuse, and misconduct, ensuring actions align with Company rules and international standards. Key duties include planning and executing investigations, collecting and analyzing evidence, conducting interviews, updating case files, preparing high-quality reports, and liaising with relevant internal and external partners.
Security Operations Engineer managing cybersecurity threats at CivicPlus.
