[< BACK]
// POSTED: Apr 13, 2026

HHS - Incident Responder

APPLY NOW
About the position cFocus Software seeks a Incident Responder to join our program supporting the Department of Health and Human Services (HHS) This position is remote. This position requires the ability a Public Trust clearance. Responsibilities • Monitor, triage, and respond to cybersecurity alerts and incidents in accordance with HRSA Incident Response Plans and SOC SOPs. • Perform incident analysis to determine scope, impact, root cause, and affected systems. • Execute containment, eradication, and recovery actions for cybersecurity incidents. • Respond to malware infections, phishing campaigns, ransomware, insider threats, and data breaches. • Collect, preserve, and analyze evidence in accordance with chain-of-custody requirements. • Support forensic analysis and coordinate with digital forensics and threat hunting teams. • Document incident activities, timelines, findings, and remediation actions within defined SLAs. • Prepare incident reports, notifications, and after-action reports for HRSA and HHS stakeholders. • Coordinate incident response activities with SOC Analysts, ISSOs, system owners, Privacy Officials, and leadership. • Support reporting requirements to HHS CSIRC, CISA, and other federal entities as required. • Participate in incident response drills, tabletop exercises, and cyber exercises. • Support continuous improvement of incident response playbooks, SOPs, and workflows. • Assist with remediation validation and lessons-learned activities following incident closure. Requirements • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field. • Minimum 4–7 years of experience in incident response, SOC operations, or cybersecurity operations. • Hands-on experience responding to enterprise cybersecurity incidents. • Strong understanding of NIST SP 800-61, NIST SP 800-53, and federal incident response requirements. • Experience analyzing logs, alerts, malware, and security events. • Ability to work effectively under pressure during active incidents. • Strong written and verbal communication skills. Nice-to-haves • Active GCIH, CISSP, CEH, or Security+ (preferred).
APPLY NOW

More Remote Jobs

**Experienced Full Stack Data Entry Specialist – E-commerce Operations and Customer Experience**Apr 12, 2026Account Executive: LATAM (Portuguese or Spanish Speaking)Apr 14, 2026Forward Deployed EngineerApr 13, 2026Backend Engineer: AI Shopping Agents (Remote)Apr 12, 2026Manager - Business DevelopmentApr 16, 2026Remote Medical Transcription-AuditingApr 13, 2026**Experienced Customer Support Representative – Process and Packaging Technology**Apr 13, 2026Clinical Applications Trainer - EEG ContractorApr 14, 2026Production Design Manager (Remote - US Based)Apr 13, 2026**Experienced Live Chat Support Specialists – Remote Customer Service Representatives for arenaflex**Apr 14, 2026Azure Cloud Engineer- Hybrid ScheduleApr 12, 2026Senior Application Security EngineerApr 12, 2026Sr. Generative AI & Machine Learning EngineerApr 15, 2026**Experienced Associate Director, End-to-End Customer Experience (ESRO) – Remote Opportunity at arenaflex**Apr 13, 2026Senior Software Engineer, Developer Tools for C...Apr 12, 2026
Interested in this role?Apply on iHire