NIH - Incident Response Lead
Full-time
cFocus Software Incorporated
cFocus Software seeks an Incident Response Lead to join our program supporting the National Institutes of Health (NIH). This position is fully remote. This position requires a Public Trust clearance or the ability to obtain one.
Qualifications:
- Public Trust Clearance
- B.S. Computer Science, Information Technology, or a related field
- 7+ years leading enterprise incident response activities.
- Experience supporting federal cybersecurity programs and Security Operations Centers.
- Experience coordinating enterprise cyber investigations involving cloud and hybrid environments.
- Experience implementing NIST incident response methodologies.
- Active GCIH, GCFA, GNFA, CISSP, CEH, CySA+, Security+, CISM, or CCSP
- Lead enterprise cybersecurity incident response operations across NIH information systems.
- Direct technical response activities throughout the incident response lifecycle including preparation, identification, containment, eradication, recovery, and post-incident activities.
- Coordinate response efforts for high-impact cybersecurity incidents affecting enterprise infrastructure, cloud services, applications, and data.
- Serve as the primary technical advisor during cybersecurity incidents and major security events.
- Manage incident prioritization, escalation, resource coordination, and operational communications.
- Ensure incident response activities comply with NIH policies, HHS guidance, NIST standards, and federal cybersecurity requirements.
- Lead technical investigations involving malware infections, unauthorized access, insider threats, ransomware, phishing campaigns, data exfiltration, and advanced persistent threats (APTs).
- Coordinate root cause analysis and determine attack vectors, affected assets, and operational impact.
- Analyze indicators of compromise (IOCs), indicators of attack (IOAs), adversary tactics, techniques, and procedures (TTPs), and attack patterns.
- Coordinate evidence collection and preservation activities supporting investigations.
- Validate containment strategies and recovery actions.
- Ensure accurate documentation of incident timelines, findings, corrective actions, and lessons learned.
- Coordinate with Security Operations Center analysts during incident detection and response activities.
- Oversee incident triage, escalation procedures, and operational communications.
- Direct coordination between cybersecurity engineers, cloud engineers, infrastructure teams, system owners, ISSOs, and application administrators.
- Support continuous monitoring and operational readiness activities.
- Develop executive incident reports, after-action reports, technical findings, and corrective action recommendations.
- Prepare briefings for Government leadership regarding significant cybersecurity events.
- Maintain incident response metrics, trends, dashboards, and performance reporting.
- Ensure timely reporting in accordance with federal cybersecurity reporting requirements.
Vacancy posted 3 days ago

