cFocus Software seeks a Sr. Incident Response Analyst to join our program supporting Housing and Urban Development (HUD). This position is remote. This position requires a Public Trust clearance.
Qualifications:- Bachelor’s degree in Cybersecurity, Information Technology, or related field (or equivalent experience).
- 7+ years of experience in a SOC, cybersecurity operations, or IT security role.
- Experience with SIEM tools (e.g., Splunk), EDR solutions, and log analysis.
- Understanding of networking concepts, operating systems, and cybersecurity principles.
- Familiarity with incident response processes and security monitoring tools.
Duties:- Monitor security events and alerts using SIEM, SOAR, EDR, and other SOC tools in a 24/7/365 environment.
- Perform initial triage and analysis of security alerts to determine severity, impact, and validity.
- Identify and respond to potential security incidents including malware, phishing, unauthorized access, and anomalous behavior.
- Escalate confirmed or high-risk incidents to Tier 2/3 analysts and incident response teams.
- Document incidents, actions taken, and findings in ticketing systems (e.g., ServiceNow).
- Support continuous monitoring of network, endpoint, and cloud environments.
- Analyze logs from multiple sources (network, application, cloud, endpoint) to detect suspicious activity.
- Track and report on security incidents, including metrics such as Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR).
- Assist in vulnerability monitoring, including tracking Known Exploited Vulnerabilities (KEVs) and reporting findings.
- Participate in incident response activities and support containment and remediation efforts.
- Follow standard operating procedures (SOPs) and playbooks for incident handling and escalation.
- Maintain situational awareness of emerging threats and vulnerabilities.
- Support shift handoffs and maintain clear communication across SOC teams.
- Contribute to SOC reporting, dashboards, and documentation.