← all jobs

NIH - Incident Response Lead

Work from home Full-time role Hiring

cFocus Software seeks a Incident Response Lead to join our program supporting the National Institutes of Health (NIH). This position is fully remote. This position requires a Public Trust or the ability to obtain a public trust clearance. Qualifications:Public Trust Clearance B.S. Computer Science, Information Technology, or a related field 7+ years leading enterprise incident response activities. Experience supporting federal cybersecurity programs and Security Operations Centers. Experience coordinating enterprise cyber investigations involving cloud and hybrid environments. Experience implementing NIST incident response methodologies. Active GCIH, GCFA, GNFA, CISSP, CEH, CySA+, Security+, CISM, or CCSP Duties:Lead enterprise cybersecurity incident response operations across NIH information systems. Direct technical response activities throughout the incident response lifecycle including preparation, identification, containment, eradication, recovery, and post-incident activities. Coordinate response efforts for high-impact cybersecurity incidents affecting enterprise infrastructure, cloud services, applications, and data. Serve as the primary technical advisor during cybersecurity incidents and major security events. Manage incident prioritization, escalation, resource coordination, and operational communications. Ensure incident response activities comply with NIH policies, HHS guidance, NIST standards, and federal cybersecurity requirements. Lead technical investigations involving malware infections, unauthorized access, insider threats, ransomware, phishing campaigns, data exfiltration, and advanced persistent threats (APTs). Coordinate root cause analysis and determine attack vectors, affected assets, and operational impact. Analyze indicators of compromise (IOCs), indicators of attack (IOAs), adversary tactics, techniques, and procedures (TTPs), and attack patterns. Coordinate evidence collection and preservation activities supporting investigations. Validate containment strategies and recovery actions. Ensure accurate documentation of incident timelines, findings, corrective actions, and lessons learned. Coordinate with Security Operations Center analysts during incident detection and response activities. Oversee incident triage, escalation procedures, and operational communications. Direct coordination between cybersecurity engineers, cloud engineers, infrastructure teams, system owners, ISSOs, and application administrators. Support continuous monitoring and operational readiness activities. Develop executive incident reports, after-action reports, technical findings, and corrective action recommendations. Prepare briefings for Government leadership regarding significant cybersecurity events. Maintain incident response metrics, trends, dashboards, and performance reporting. Ensure timely reporting in accordance with federal cybersecurity reporting requirements.

More open positions

NIH - Vulnerability Analyst

Work from home Full-time role

NIH - ISSO

Work from home Full-time role

NIH - Program Manager

Work from home Full-time role

Kyrgyz-Speaking Translator

Work from home Full-time role

QA Lead

Work from home Full-time role

Senior Software Engineer - Remote

Work from home Full-time role

[Remote] Senior SQL and Power BI Developer

Work from home Full-time role

[Remote] Senior Data & Analytics Consultant

Work from home Full-time role

Remote AI Software Engineer – Advanced Machine Learning & AI Solutions for Aviation Innovation at careerzynith

Work from home Full-time role

Web3 Growth and Digital Marketing Manager

Work from home Full-time role

Remote Customer Service Coordinator – Entry‑Level Remote Role with careerzynith’s Global E‑Commerce Support Team

Work from home Full-time role

LICSW, LCSW, MSW REMOTE or HYBRID

Work from home Full-time role

IoT Engineer (Industrial IoT)

Work from home Full-time role

Entry Level Content Writer

Work from home Full-time role

Research Intern - REMOTE

Work from home Full-time role

Director, Resource-Led Planning COE Lead

Work from home Full-time role

Government Consultant - Systems and Encounters Specialist

Work from home Full-time role

TRAIN ON‑SITE & REMOTE CUSTOMER SERVICE REPRESENTATIVE – Full‑Time & Part‑Time – Inbound Support, Technical Troubleshooting & Sales Enablement

Work from home Full-time role

Senior Security Engineer

Work from home Full-time role

[Remote] Onboarding Consultant I, Menu Multilingual Onboarding (Spanish)

Work from home Full-time role

Remote Chat Support Specialist – Unlock a High-Paying Career from Home ($25-$35/hr)

Work from home Full-time role