Incident Response Lead / Cybersecurity Operations Lead

eTelligent Group LLC, Rockville, MD
2d · Onsite

About The Position

The Incident Response Lead manages cybersecurity incident response activities and coordinates incident handling across NCATS systems and infrastructure. This role ensures timely identification, analysis, containment, and remediation of cybersecurity incidents while coordinating with federal incident response teams and internal stakeholders.

Requirements

  • Bachelor’s degree in cybersecurity, information technology, computer science, or related field.
  • Minimum 8 years of experience in cybersecurity operations or incident response.
  • Experience performing digital forensics, malware analysis, and threat investigation.
  • Experience supporting federal cybersecurity incident response programs.
  • CISSP (required) and one or more of the following certifications:
      • GIAC Certified Incident Handler (GCIH)
      • GIAC Certified Intrusion Analyst (GCIA)
      • Certified Ethical Hacker (CEH)
      • Security+

Nice To Haves

  • Experience supporting federal incident response operations or Security Operations Centers.
  • Familiarity with threat intelligence platforms and vulnerability management tools.
  • Experience working with federal cybersecurity reporting requirements.

Responsibilities

  • Lead incident response coordination for cybersecurity and privacy incidents affecting NCATS systems.
  • Perform incident triage, event analysis, and threat identification activities.
  • Coordinate response actions with NCATS IT teams, system owners, and federal cybersecurity teams.
  • Investigate potential security events and determine whether incidents have occurred.
  • Conduct malware analysis and forensic investigations as required.
  • Document incident response activities and maintain incident tracking records.
  • Prepare incident response reports and provide recommendations for remediation.
  • Support vulnerability management and risk mitigation activities.
  • Ensure incidents are reported and handled in accordance with federal incident response policies.
  • Coordinate communications among stakeholders during incident response activities.
  • Conduct post-incident analysis and identify lessons learned to improve security posture.
  • Develop and maintain incident response procedures and documentation.