HHS - Incident Responder

Remote Full-time
cFocus Software seeks an Incident Responder to join our program supporting the Department of Health and Human Services (HHS). This position is remote. This position requires the ability to obtain a Public Trust clearance.

Qualifications:
• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field.
• Minimum 4–7 years of experience in incident response, SOC operations, or cybersecurity operations.
• Hands-on experience responding to enterprise cybersecurity incidents.
• Strong understanding of NIST SP 800-61, NIST SP 800-53, and federal incident response requirements.
• Experience analyzing logs, alerts, malware, and security events.
• Ability to work effectively under pressure during active incidents.
• Strong written and verbal communication skills.
• Active GCIH, CISSP, CEH, or Security+ (preferred).

Duties:
• Monitor, triage, and respond to cybersecurity alerts and incidents in accordance with HRSA Incident Response Plans and SOC SOPs.
• Perform incident analysis to determine scope, impact, root cause, and affected systems.
• Execute containment, eradication, and recovery actions for cybersecurity incidents.
• Respond to malware infections, phishing campaigns, ransomware, insider threats, and data breaches.
• Collect, preserve, and analyze evidence in accordance with chain-of-custody requirements.
• Support forensic analysis and coordinate with digital forensics and threat hunting teams.
• Document incident activities, timelines, findings, and remediation actions within defined SLAs.
• Prepare incident reports, notifications, and after-action reports for HRSA and HHS stakeholders.
• Coordinate incident response activities with SOC Analysts, ISSOs, system owners, Privacy Officials, and leadership.
• Support reporting requirements to HHS CSIRC, CISA, and other federal entities as required.
• Participate in incident response drills, tabletop exercises, and cyber exercises.
• Support continuous improvement of incident response playbooks, SOPs, and workflows.
• Assist with remediation validation and lessons-learned activities following incident closure.