Incident Response Analyst
Location
United States
Posted
2 days ago
Salary
Not specified
Seniority
Mid Level
Job Description
Role Description
cFocus Software seeks an Incident Response Analyst to join our program supporting the National Institutes of Health (NIH). This position is remote and requires a Public Trust clearance.
- Monitor security alerts and respond to cybersecurity incidents affecting NCATS systems.
- Conduct incident triage, analysis, containment, eradication, and recovery activities.
- Coordinate incident response activities with NCATS IT teams, security leadership, and NIH cybersecurity teams.
- Maintain incident documentation and prepare incident response reports.
- Support development and improvement of incident response procedures and playbooks.
- Investigate and analyze security incidents to determine root cause, scope, and impact.
- Perform technical analysis of system logs, network activity, and endpoint data during investigations.
- Coordinate containment and remediation actions for identified incidents.
- Maintain incident tickets and track investigation progress.
- Develop post-incident analysis reports and recommend improvements to strengthen defenses.
- Support operational cybersecurity monitoring and response activities.
- Assist with security monitoring tools such as SIEM, intrusion detection systems, and endpoint protection systems.
- Participate in threat hunting and vulnerability mitigation activities.
- Provide technical support for incident response exercises and security testing activities.
- Support secure firewall management and network security monitoring activities.
- Assist with implementation of firewall rules following least-privilege and default-deny principles.
- Participate in firewall rule reviews and validation of network traffic logs.
- Support monitoring of network segmentation controls and security zones.
- Validate logging configurations to ensure compliance with federal logging requirements.
Qualifications
- Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related technical discipline.
- Minimum 2–5 years of experience supporting cybersecurity operations or incident response activities.
- Experience supporting incident response investigations and remediation activities.
- Familiarity with SIEM tools, log analysis, and threat detection technologies.
- Understanding of NIST cybersecurity frameworks and federal security requirements.
- Ability to analyze security alerts and investigate potential cybersecurity incidents.
- Strong analytical, documentation, and communication skills.
Job Requirements
- Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related technical discipline.
- Minimum 2–5 years of experience supporting cybersecurity operations or incident response activities.
- Experience supporting incident response investigations and remediation activities.
- Familiarity with SIEM tools, log analysis, and threat detection technologies.
- Understanding of NIST cybersecurity frameworks and federal security requirements.
- Ability to analyze security alerts and investigate potential cybersecurity incidents.
- Strong analytical, documentation, and communication skills.
Related Guides
Related Categories
Related Job Pages
More Incident Response Analyst Jobs
Incident Response Analyst - SkillBridge (Remote)
CrowdStrikeCrowdStrike has redefined security with the world’s most advanced cloud-native platform that protects and enables the people, processes and technologies that drive modern enterprise. Tested and proven, the world's largest organizations trust CrowdStrike to stop breaches with unparalleled protection against the most sophisticated cyberattacks. The CrowdStrike culture has been built upon our Core Values since the day we began. We are Fanatical About the Customer, Relentlessly Focused on Innovation and believe that our Limitless Passion drives Unlimited Potential for every CrowdStriker. As a purpose-built remote-first company, we believe cultivating a connected culture for every employee, no matter where they are in the world, is a key ingredient in building a high-performing, diverse team. We don’t have a mission statement. We’re on a mission—to stop breaches. Ready to join a mission that matters?
The analyst will support the Incident Response lifecycle by triaging and investigating security detections, taking appropriate actions such as live response, containment, or escalation. They will also be responsible for developing detection criteria, identifying data gaps, providing security reporting, and driving process documentation for incident response.
The agent designs portions of engineering solutions utilizing multiple engineering disciplines for products, systems, software, and solutions based on established principles. Responsibilities also include developing and implementing parameters and test plans for existing designs, collaborating with development partners, and participating as a project team member to develop reliable, cost-effective solutions.
The Wind Global Investigation and Learning and Emergency Response Lead is responsible for supporting EHS specifically in the areas of event reporting, investigation, and learning activities including Root Cause Analysis (RCA) and 5 why methodologies. Additionally, the role will s...
The specialist will monitor security alerts and respond to cybersecurity incidents affecting NCATS systems, conducting triage, containment, eradication, and recovery activities. Duties also include coordinating response efforts, maintaining documentation, and supporting the improvement of incident response procedures and playbooks.
