Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

NIH - Incident Response Lead

Full-time

cFocus Software Incorporated

cFocus Software seeks a Incident Response Lead to join our program supporting the National Institutes of Health (NIH). This position is fully remote. This position requires a Public Trust or the ability to obtain a public trust clearance.
Qualifications:
  • Public Trust Clearance
  • B.S. Computer Science, Information Technology, or a related field
  • 7+ years leading enterprise incident response activities.
  • Experience supporting federal cybersecurity programs and Security Operations Centers.
  • Experience coordinating enterprise cyber investigations involving cloud and hybrid environments.
  • Experience implementing NIST incident response methodologies.
  • Active GCIH, GCFA, GNFA, CISSP, CEH, CySA+, Security+, CISM, or CCSP
Duties:
  • Lead enterprise cybersecurity incident response operations across NIH information systems.
  • Direct technical response activities throughout the incident response lifecycle including preparation, identification, containment, eradication, recovery, and post-incident activities.
  • Coordinate response efforts for high-impact cybersecurity incidents affecting enterprise infrastructure, cloud services, applications, and data.
  • Serve as the primary technical advisor during cybersecurity incidents and major security events.
  • Manage incident prioritization, escalation, resource coordination, and operational communications.
  • Ensure incident response activities comply with NIH policies, HHS guidance, NIST standards, and federal cybersecurity requirements.
  • Lead technical investigations involving malware infections, unauthorized access, insider threats, ransomware, phishing campaigns, data exfiltration, and advanced persistent threats (APTs).
  • Coordinate root cause analysis and determine attack vectors, affected assets, and operational impact.
  • Analyze indicators of compromise (IOCs), indicators of attack (IOAs), adversary tactics, techniques, and procedures (TTPs), and attack patterns.
  • Coordinate evidence collection and preservation activities supporting investigations.
  • Validate containment strategies and recovery actions.
  • Ensure accurate documentation of incident timelines, findings, corrective actions, and lessons learned.
  • Coordinate with Security Operations Center analysts during incident detection and response activities.
  • Oversee incident triage, escalation procedures, and operational communications.
  • Direct coordination between cybersecurity engineers, cloud engineers, infrastructure teams, system owners, ISSOs, and application administrators.
  • Support continuous monitoring and operational readiness activities.
  • Develop executive incident reports, after-action reports, technical findings, and corrective action recommendations.
  • Prepare briefings for Government leadership regarding significant cybersecurity events.
  • Maintain incident response metrics, trends, dashboards, and performance reporting.
  • Ensure timely reporting in accordance with federal cybersecurity reporting requirements.

Vacancy posted 3 days ago
Similar jobs that could be interesting for youBased on the NIH - Incident Response Lead in Bethesda, MD vacancy
  • $110k - $130k

     ...Development InfoStructure LLC., (Devis) is a leading provider of innovative software...  ...public sector. Job Overview The SOC / Incident Response Lead serves as the operational leader for...  ...Services (ISPSS) effort supporting the NIH Office of the Director, Office of Information... 
    Suggested
    Full time
    Work at office
    Monday to Friday

    Development InfoStructure

    Bethesda, MD
    12 hours ago
  • Full-Time/Part-Time Full-Time Description RiVidium is seeking an Incident Response Lead to support our planned MODES III team supporting Military Community and Family Policy (MC&FP). This role supports IT, Cybersecurity, and Data Operations - Core Operations and helps... 
    Suggested
    Full time
    Contract work
    Part time
    Shift work
    Night shift

    Rividium Inc

    Alexandria, VA
    3 days ago
  •  ...A leading consulting firm is seeking a Security Operations Lead to oversee SOC functions and manage a team of Analysts and Engineers...  ...years of cybersecurity experience with specific expertise in incident response, threat hunting, and SIEM technologies like Splunk and... 
    Suggested

    Accenture

    Washington DC
    4 days ago
  •  ...We have a new and exciting role available within our Cyber Security division for an Incident Response Engagement Lead in the United States. S-RM is a global intelligence and cybersecurity consultancy. Since 2005, we’ve helped some of the most demanding clients in the world... 
    Suggested
    Immediate start
    Flexible hours

    S-RM Intelligence and Risk Consulting

    Washington DC
    4 days ago
  •  ...EmergencyMD is seeking a Lead Incident Responder for a potential government client. This role will involve leading incident response operations, managing complex threats, and ensuring compliance with federal cybersecurity frameworks. The candidate must have a Bachelor’... 
    Suggested

    EmergencyMD

    Washington DC
    19 hours ago
  •  ...Incident Response Lead ShorePoint is a fast-growing, industry recognized and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data... 
    Contract work

    Navstar

    Washington DC
    2 days ago
  • byebyeoffice is seeking a Cybersecurity Engineer / Team Lead in Arlington (REMOTE). In this role, you will provide technical leadership...  ...experience in NIST RMF compliance, team leadership, and incident response planning, ensuring a robust cybersecurity posture across the... 
    Remote job

    byebyeoffice

    Arlington, VA
    2 days ago
  • A cybersecurity firm located in Falls Church, Virginia, seeks a Security Operations Center (SOC) Lead to manage daily security operations, coordinate incident response activities, and oversee SOC analysts. Candidates should have over 12 years of experience in cybersecurity... 

    ZTI Solutions LLC

    Falls Church, VA
    1 day ago
  • $116.9k - $243.1k

    A leading technology firm is seeking a CIRT Lead in Arlington, Virginia. This role involves managing 24x7 cyber incident response and overseeing the entire investigation lifecycle, while enhancing the client’s security posture. Candidates should have over 5 years in cybersecurity... 

    Accenture

    Arlington, VA
    4 days ago
  • Kapili Services, LLC is seeking an Incident Responder/Incident Response Coordinator to offer support for government clients in Arlington, VA. The ideal candidate will have a four year degree in information technology and a minimum of eight years of relevant experience... 

    Kapili Services, LLC

    Arlington, VA
    3 days ago
  • A dynamic Woman Owned Small Business is seeking a Senior Incident Response Coordinator for their Program Management and Cyber Support Services project in Arlington, Virginia. The role entails coordinating cyber incident responses, managing stakeholder communications, and... 

    Zantech

    Arlington, VA
    5 days ago
  • $116.9k - $243.1k

     ...government forward! Overview We are hiring a CIRT Lead to manage 24x7x365 front‑line defense against cyber incidents. You will oversee the full lifecycle of...  ...improvements to client’s security posture. Key Responsibilities Lead CIRT operations in advanced incident response... 
    Live in
    Work at office
    Local area

    Accenture

    Arlington, VA
    4 days ago
  • $207k - $301k

    Google is seeking a Security Engineer in Washington D.C. You will be responsible for managing incident response operations and forensics while collaborating with software engineers to fix vulnerabilities. You should have a Bachelor's degree and substantial experience in... 

    Google

    Washington DC
    3 days ago
  •  ...seeking a hands-on technical leader for its Cyber Investigation and Forensic Response practice in Arlington, Virginia. This role involves conducting complex forensic analyses, leading incident response efforts, and mentoring junior investigators. The ideal candidate has... 

    Accenture

    Arlington, VA
    5 days ago
  • $130k - $170k

     ...senior technical position focuses on advanced threat detection, incident response, and forensic analysis within a SOC environment. Candidates...  ...response and cyber forensics. Responsibilities include leading investigations, mentoring junior analysts, and integrating threat... 

    ActioNet, Inc.

    Rockville, MD
    3 days ago
  • Nightwing is seeking an Enterprise Architect and Project Lead to support critical cyber-incident response missions for U.S. Government clients. This role involves leading technology insertion teams, developing workflows, and delivering strategic planning documentation.... 

    Nightwing

    Arlington, VA
    2 days ago
  •  ...seeking a Cyber Eviction Analyst to support critical customer missions. This role requires serving as a subject matter expert in incident response and analyzing cybersecurity incidents. The ideal candidate has a Bachelor’s degree and 8+ years of relevant experience, along... 

    Insight Global

    Arlington, VA
    1 day ago
  • $195k - $205k

     ...IT operations, ensuring compliance with DoD standards, and leading a team in providing technical support. Key responsibilities include preparing Monthly IPRs, ensuring COOP compliance, and managing incidents efficiently. The ideal candidate will have a Bachelor’s degree... 

    Akima

    Alexandria, VA
    5 days ago
  •  ...Forensics Analyst to provide advanced technical support for cybersecurity incidents. This position requires US citizenship, TS/SCI clearance, and strong skills in cyber forensics and incident response. The candidate will oversee teams, assist in investigations, and write... 
    For contractors

    NewGen Technologies

    Arlington, VA
    1 day ago
  •  ...frontline supervisory position responsible for directing, coordinating,...  ...section or shift at the NIH Clinical Center, Bethesda, MD...  ...requirements. The Supervisor directly leads EVS technicians and aides,...  ...and follow NIH and Teya incident reporting protocols. • Coordinates... 
    Contract work
    Work at office
    Local area
    Immediate start
    Shift work
    Night shift
    Afternoon shift

    Teya Development LLC

    Bethesda, MD
    2 days ago
  • Powder River Industries is seeking a mission-driven NOC Lead in Washington, DC, to ensure the operational integrity of IT services. This role involves overseeing performance, managing incidents, and leading a team for continuous improvement. The ideal candidate has expertise... 
    For contractors
    Night shift

    Powder River Industries LLC

    Washington DC
    4 days ago
  • KellyMitchell Group is seeking a Vulnerability Management Team Lead in Bethesda, Maryland. In this role, you will lead a team to develop and execute a comprehensive vulnerability management program, overseeing daily operations and coordinating with various stakeholders... 

    KellyMitchell Group

    Bethesda, MD
    3 days ago
  •  ...is looking for a CSOC Tier 2 Analyst to oversee the Tier 2 team in Rockville, MD. This vital role involves leading security analysts and managing security incidents effectively within a cybersecurity environment. The ideal candidate should have 5+ years of experience, a... 

    EmergencyMD

    Rockville, MD
    1 day ago
  • $138k - $209k

    AIS (Applied Information Sciences) is seeking a qualified Security Architect to lead incident response activities and manage cybersecurity threats effectively. The candidate will develop strategies, frameworks, and ensure adherence to security protocols, working closely... 

    AIS (Applied Information Sciences)

    Alexandria, VA
    4 days ago
  • $140k - $160k

     ...Job Description Job Description SkyePoint Decisions is a leading Cybersecurity Architecture and Engineering, Critical...  ...Decisions is seeking an experienced Tier 2 Shift Lead for the Cyber Incident Response Team to support our customer's Federal Strategic Cyber Mission... 
    Contract work
    Local area
    All shifts
    Shift work

    SkyePoint Decisions

    Beltsville, MD
    a month ago
  •  ...Overview Evolver Federal is seeking a Lead Incident Responder to fulfill a requirement for a potential government client. The Lead Incident...  ...the central point of accountability for day-to-day incident response operations, providing leadership and direction in high-... 
    Contract work
    Flexible hours

    EmergencyMD

    Washington DC
    19 hours ago
  • $138k - $209k

     ...on projects that matter, alongside industry-leading experts, in an environment that fosters innovation...  ...support the unique needs of our client as a Incident Management Lead. Project Summary The Incident Management Lead is responsible for directing enterprise-wide incident... 
    Contract work
    Temporary work

    Applied Information Sciences

    Alexandria, VA
    4 days ago
  •  ...Geospatial & Cloud Analytics (GCA) is seeking a mission-driven Rapid Response Team Lead to support the high-priority, time-sensitive operational...  ...activities, VIP support in GO/Flag quarters, and immediate incident response across critical infrastructure. The ideal... 
    Full time
    Contract work
    Immediate start
    Worldwide
    Night shift

    Geospatial And Cloud Analytics Inc

    Washington DC
    3 days ago
  • A veteran-owned technology company based in Washington, DC, is seeking a Rapid Response Team Lead to oversee urgent operational requirements and incident responses. The ideal candidate will have strong leadership skills and extensive experience with DoD IT operations.... 

    Geospatial And Cloud Analytics Inc

    Washington DC
    2 days ago
  • $164.38k - $195.5k

     ...an IT Network Security Team Lead, the work you’ll do at GDIT will...  ...Section. This role is responsible for overseeing the implementation...  ...efforts in compliance with HHS and NIH directives (e.g., HSPD-7)....  ...point for complex security incidents and technical challenges. Program... 
    Temporary work
    For contractors
    Work experience placement
    Work at office
    Immediate start
    Worldwide
    Flexible hours
    3 days per week

    General Dynamics Information Technology

    Bethesda, MD
    3 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to NIH - Incident Response Lead. Be the first to apply!