cFocus Software Incorporated
Jobs at cFocus Software Incorporated
Let Your Resume Do The Work
Upload your resume to be matched with jobs you're a great fit for.
Success! We'll use this to further personalize your experience.
Recently posted jobs
Software
Perform hypothesis-driven threat hunts and incident response across cloud and on-prem environments (Azure, O365, AD, Zscaler). Use Splunk ES, Sentinel, EDR (CrowdStrike), Sysmon/Auditd, and network tools to collect, analyze, and document findings. Produce hunt hypotheses, reports, detection logic, SOPs, and weekly updates. Participate in agile scrum, Jira ticketing, on-call IR support, and coordinate with court IT for agent deployment and remediation.
Software
Provide programmatic support to DHS GMO managing enterprise geospatial data and applications. Lead or support teams to implement geospatial IT solutions, develop policies and GII requirements, prioritize resources, apply Agile/Waterfall methodologies, and deliver tactical and strategic recommendations. Maintain DC business-hour availability and respond to technical issues within 24 hours.
Software
Manage and engineer enterprise Linux servers for NIH: install/configure RHEL/Ubuntu/Oracle/Rocky, perform DISA STIG/CIS hardening and patching, support CDM/continuous monitoring, automate admin tasks, integrate with identity services, handle vulnerability and configuration monitoring, and optimize performance across virtual and cloud environments.
Software
Remote Linux Systems Administrator to manage, harden, and optimize enterprise Linux servers (RHEL, Rocky, Ubuntu, Oracle). Implement secure architectures and Zero Trust controls, deploy authentication services (LDAP/AD/Kerberos/SSSD/MFA), apply DISA STIGs/CIS/NIST hardening, manage patching and lifecycle, and automate tasks using Bash, Python, or Ansible. Collaborate with security, network, and application teams supporting federal/regulated environments.
Software
Perform credentialed host, network, application, and database vulnerability scans across NIH systems; schedule and execute recurring and specialized scans (including HVAs); operate, configure, and maintain enterprise vulnerability scanning infrastructure and tools; validate scan coverage, integrate scanning tools with enterprise capabilities, and develop remediation guidance from vulnerability data.
Software
Administer and harden enterprise Windows Server environments per NIH security baselines. Manage Active Directory, GPOs, DNS/DHCP, virtualization, patching, backups, and endpoint protections. Support vulnerability scanning and remediation, change/configuration management, disaster recovery, and maintain compliance with FISMA/NIST/NIH security policies.
Software
Perform authenticated and unauthenticated web application vulnerability scans and application security assessments (DAST/SAST). Analyze and validate scan results, prioritize and correlate vulnerabilities using CVSS and risk methodologies, provide remediation guidance, support integration of scanning into DevSecOps/CI/CD, and collaborate with development teams to promote secure-by-design practices across NIH applications.
Software
Design, implement, configure, and maintain secure enterprise network infrastructure for NIH. Engineer high-availability routing, switching, VPNs, firewalls, IDS/IPS, WAFs, and cloud networking; integrate network security with SIEM, EDR, PAM, and DLP. Support Zero Trust, NIST compliance, micro-segmentation, and infrastructure modernization.
Software
Monitor and analyze security events across NIH environments, detect and respond to incidents, perform triage and root cause analysis, support containment/eradication/recovery, investigate incidents across endpoints, networks and cloud, and coordinate response with NIH/HHS teams while maintaining 24x7 monitoring operations.
Software
Monitor enterprise security systems, analyze alerts from SIEM/IDS/EDR/cloud/network platforms, identify IOCs, perform initial incident triage and classification, validate incidents, reduce false positives, escalate confirmed incidents, and maintain incident tickets through the lifecycle.
Software
Serve as the primary ISSO for NIH systems, implementing NIST RMF and SP 800-53 controls, supporting A&A for Low/Moderate FISMA systems, developing and maintaining authorization artifacts (SSPs, SAPs, SARs, POA&Ms), conducting continuous monitoring, coordinating vulnerability remediation, and supporting audits, risk assessments, and incident response.
Software
Perform enterprise penetration tests (internal/external network, web apps, cloud, OS, wireless, AD), simulate real-world attacks, exploit vulnerabilities, validate controls, document findings, prepare test plans, and provide Red Team support.
Software
Lead RMF implementation and manage the A&A lifecycle for NIH systems. Oversee SSPs, SAPs, SARs, POA&Ms, continuous monitoring, vulnerability remediation, and C-SCRM. Supervise ISSOs, coordinate with SCAs/AOs, ensure FISMA/NIST compliance, develop executive risk metrics, and support audits and enterprise cybersecurity governance.
Software
Lead and manage enterprise vulnerability scanning and vulnerability management strategy for NIH systems. Prioritize, analyze, and validate remediation of critical vulnerabilities using risk-based methodologies, support federal cybersecurity programs and reporting, coordinate remediation with system owners, and maintain vulnerability metrics and trends.
Software
Support NIH cybersecurity program management and RMF activities: produce reports and dashboards, track POA&Ms and A&A packages, maintain RMF documentation (SSPs, SARs), coordinate FISMA reporting and audits, provide governance guidance, and support ServiceNow-based security operations and continuous monitoring.
Software
Lead and coordinate enterprise incident response for NIH across cloud, hybrid, and on-prem systems. Direct full incident lifecycle activities, oversee technical investigations, evidence preservation, containment/recovery, SOC coordination, reporting, and compliance with NIST, HHS, and federal cybersecurity requirements.
Software
Serve as senior cybersecurity technical advisor for NIH, designing and leading enterprise and hybrid-cloud security architectures, implementing NIST and Federal controls, driving Zero Trust initiatives, overseeing SIEM/EDR/NGFW/PAM/DLP platforms, mentoring staff, and producing architectural documentation and roadmaps to improve security posture and resilience.
Software
Perform proactive enterprise threat hunting across NIH-managed systems to identify IOCs/IOAs and APT activity. Conduct hypothesis-driven hunts using MITRE ATT&CK, perform behavioral analysis across endpoints, servers, cloud, and networks, analyze malware and advanced threats, support incident response, and develop new hunting methodologies.
Software
Serve as the single Program Manager for an NIH federal IT/cybersecurity task order: lead transitions, manage IMS, staffing, risks, contract performance, reporting, compliance with FISMA/NIST/HHS, and provide executive briefings to NIH leadership.
Software
Support Navy acquisition programs: prepare and review test plans and briefings, develop and maintain acquisition documentation, monitor cost/schedule thresholds, support governance and milestone decisions, provide analyses and executive briefings, assess regulatory impacts, recommend policy updates, train users, and coordinate with program teams and Government stakeholders. Requires Secret clearance.



