
cFocus Software Incorporated
Remote Jobs
51 Jobs
cFocus Software seeks a Security Operations Analyst 3 to join our program supporting the National Indian Gaming Commission (NIGC). This position is remote. This position requires a Public Trust clearance. Qualifications: - Active Public Trust clearance - B.S. Computer Science, Information Technology, or a related field - 4+ years of experience in cybersecurity operations or SOC analysis (senior-level) - Strong knowledge of security monitoring, incident response, and threat detection - Experience with SIEM, SOAR, EDR, and NDR tools - Familiarity with NIST frameworks, FISMA, and federal cybersecurity standards - Experience analyzing logs across network, endpoint, and cloud environments - Knowledge of Microsoft 365, Azure, and identity management (Entra ID) - Experience supporting federal agencies and compliance frameworks - Experience with VMware, Linux administration, and disaster recovery planning - Relevant certifications such as CISSP, CySA+, GCIH, or GCIA - Experience with PowerShell scripting and automation tools Duties: - Perform all security analysis activities according to established standards. - Maintain threat awareness and monitor NIGC information systems for exploits and any suspicious activities; analyze aggregated logs and reports from security tools. - Develop a daily security analysis and reporting checklist and execute activities identified in the checklist. - Evaluate effectiveness of security analysis activities compared to best practices and recommend improvements. - Adhere to Continuous Monitoring practices to evaluate the effectiveness of implemented security controls and execute proactive threat hunting activities to ensure confidentiality, integrity, and availability of NIGC information systems. - Develop detection and response configuration policies to increase automation and alerting. - Develop Incident handling procedures. - Execute Incident Response activities to include all associated actions according to the NIGC incident response plan. - Validate that sufficient and relevant information is captured and retained from security tools to support actionable security awareness and incident investigations. - Collect security operations performance and NIGC security posture management metrics and prepare NIGC threat reports to inform risk management decisions.
cFocus Software seeks a Records Management Specialist 2 to join our program supporting the National Indian Gaming Commission (NIGC). This position is remote. This position requires a Public Trust clearance. Qualifications: - Active Public Trust clearance - B.S. Business Administration, Computer Science, Information Technology, or a related field - 4+ years of experience in records management, FOIA, or information governance - Knowledge of federal records management, FOIA, and Privacy Act requirements - Experience with Microsoft 365 (SharePoint, Teams, OneDrive) - Experience with Salesforce or similar CRM platforms - Familiarity with PowerShell scripting and automation - Strong attention to detail and organizational skills - Strong written communication and documentation skills - Experience supporting federal agencies or regulated environments - Knowledge of records retention schedules and compliance frameworks - Certifications in records management or information governance (e.g., CRM, CIP) Duties: - Perform records management activities according to Federal government privacy and legal requirements. - Assist in the development of analyses and reports associated with the Freedom of Information Act (FOIA) and the Privacy Act (PA) processes. - Manage the flow of FOIA and PA correspondence or requests and establish processes to provide prompt responses to requestors in accordance with FOIA policies, procedures, and guidelines. - Perform technical tasks involved in maintaining Salesforce Customer Relationship Management (CRM) system. - Participate in the development of information management policies and governance of supporting applications on Microsoft 365 and Salesforce platforms. - Manage SharePoint sites content and permissions. - Create and execute PowerShell scripts to produce reports and perform records management tasks. - Compile data for reports, transcribe reports, and maintain indexes. - Ensure that all work products are proofread and free of errors, omissions, and inconsistencies.
cFocus Software seeks an IT Systems Engineer 3 to join our program supporting the National Indian Gaming Commission (NIGC). This position is remote. This position requires a Public Trust clearance. Qualifications: - Active Public Trust clearance - B.S. Computer Science, Information Technology, or a related field - 4+ years of experience in systems engineering or administration - Strong knowledge of NIST frameworks, FISMA, and federal IT compliance requirements - Experience with Microsoft Azure, Microsoft 365, and Entra ID - Experience with Cisco networking, firewalls, and hybrid infrastructure environments - Knowledge of Windows Server, Linux systems, and VMware environments - Experience with patch management, vulnerability remediation, and system hardening - Familiarity with endpoint security tools (EDR) and monitoring solutions - Certifications such as CISSP, Microsoft Azure certifications, Security+, or equivalent - Experience with PowerShell scripting and automation Duties: - Perform systems engineering and maintenance activities according to established standards. - Apply knowledge and skills of information systems management principles including NIST guidelines and FISMA directives. - Apply knowledge of networking technologies including LAN, Cloud Environment, MS Azure, and Wireless management in solutions implementation and troubleshooting. - Evaluate current NIGC IT systems architecture and configuration with a view to recommend well researched and documented corrective actions. - Identify gaps in the implementation of Federal Information Systems Management Act (FISMA) requirements and propose remediation plans. - Manage the M365 Entra ID environment with a focus on conditional access, MFA integration, and auditing. - Provide written recommendations to System Owner on systems operations priorities to help drive operations improvements and identify dependencies. - Develop and implement STIGS configuration baselines for servers and configure proactive monitoring and alerting for all critical IT resources. - Perform day-to-day IT systems administration activities according to best practices in both on-premises and M365 environments. - Evaluate and execute security compliance activities such as Endpoint Detection and Response policies and SCUBA compliance baselines to align the environment with cybersecurity directives and internal security requirements as requested by the CISO. - Install, configure, test, and maintain servers, storage, and related networking equipment. - Develop disaster recovery strategies for critical systems and data as directed by System Owner, - Implement patch management strategies, and secure data according to established procedures. - Install firmware and security updates on servers, printers, and related networking equipment. - Maintain configuration hygiene, mitigate vulnerabilities, document systems administration processes, and support the implementation of controls to meet FISMA requirements. - Participate in special project team meetings to gather relevant systems requirements and support the integration of projects with IT operations.
cFocus Software seeks a Cybersecurity Operations Engineer to join our program supporting the National Indian Gaming Commission (NIGC). This position is remote. This position requires a Public Trust clearance. Qualifications: - Active Public Trust clearance - B.S. Computer Science, Information Technology, or a related field - 4+ years of experience in cybersecurity operations or engineering - Strong knowledge of NIST frameworks, FISMA, and federal cybersecurity directives - Experience with Microsoft Azure, M365, and cloud security tools (Defender suite) - Experience with Cisco networking, firewalls, and hybrid infrastructure environments - Proficiency with SIEM (e.g., Microsoft Sentinel), SOAR, EDR, and NDR tools - Experience with PowerShell scripting and log management (Syslog) - Strong understanding of identity management (Entra ID, MFA) - Experience in incident response, threat hunting, and continuous monitoring - Industry certifications such as CISSP, GCIA, GCIH, CEH, or Microsoft Security certifications - Experience supporting federal agencies and compliance frameworks - Experience with VMware, Linux administration, and disaster recovery planning Duties: - Apply knowledge and skills of information systems security principles, NIST guidelines, FISMA, CISA, and federal directives, to conduct ongoing security assessments of installed systems and networks with a view to recommend corrective actions. - Perform systems engineering and maintenance activities according to established standards. - Apply knowledge of Networking Technologies including LAN, MS Azure, and Wireless management in security solutions implementation and troubleshooting. - Develop NIGC security operations capabilities by evaluating current strategies and pursuing alignment with best practices. - Ensure the effective configuration and daily operations of tools that support the NIGC cybersecurity strategy. Such tools include SEIM integration, Syslog, Network Detection and Response (NDR), Endpoint Detection and Response (EDR), Firewalls, M365 Cloud security, Defender for Cloud, and Continuous Diagnostics & Mitigation (CDM) capabilities. - In collaboration with CISO and Privacy Officer develop plans, techniques, and measurable objectives to improve the development of cybersecurity and privacy measures that meet NIGC goals for protecting sensitive information. - Collaborate with other teams on the integration of NIGC Applications and IT services to consider security implications and ensure that NIGC security requirements are met. - Maintain threat awareness and monitor NIGC information systems for exploits and any suspicious activities. Analyze aggregated logs from security tools and perform regular threat hunting activities. - Develop Security Orchestration and Automation capabilities. - Adhere to Continuous Monitoring practices to evaluate the effectiveness of implemented security controls and execute proactive threat hunting activities to ensure confidentiality, integrity, and availability of NIGC information systems. - Develop detection and response configuration policies to increase automation. - Execute Incident Response activities to include all associated actions according to the NIGC incident response plan. - Develop Incident handling procedures. - Validate that sufficient and relevant information is captured and retained from security tools to support actionable security awareness and incident investigations. - Collect security operations performance and NIGC security posture management metrics and prepare NIGC threat reports to inform risk management decisions. - Develop and maintain accurate security operations documentation including the preparation of standard operating procedures for recurring tasks
cFocus Software seeks a vSOC Project Manager to join our program supporting the Congressional Budget Office (CBO). This position is remote. This position requires a Public Trust clearance. Qualifications: - Active Public Trust clearance - B.S. Computer Science, Information Technology, or a related field - 15+ years of Project/Program Manager experience - Experience managing Security Operations Centers (SOC) or vSOC programs - Strong understanding of SIEM platforms, particularly Microsoft Sentinel - Knowledge of incident response, threat detection, and SOC workflows - Familiarity with NIST frameworks (800-53, 800-61, 800-92) and Zero Trust principles - Experience managing SLAs, KPIs, and operational metrics (MTTD, MTTR) - Ability to manage cross-functional cybersecurity teams and stakeholders - Experience with Microsoft Defender, AWS logging, and cloud security monitoring - Experience managing compliance requirements (CUI, PII, PHI, FTI) - Strong communication and reporting skills for executive-level briefings - Active Project Management Professional (PMP) certification - Preferred certifications include but are not limited to - GCIA, GCIH, CISSP, CEH, or equivalent cybersecurity certifications - Microsoft Sentinel or Microsoft security platform certifications - Relevant cloud security certifications (e.g., AWS security) - Privacy certifications (e.g., CIPP/US, CIPM) where applicable Duties: - Provide overall program management and leadership for vSOC operations - Serve as the primary point of contact for CBO stakeholders and the Contracting Officer’s Representative (COR) - Oversee 24x7x365 SOC operations including Tier I, II, and III analysts and engineering support - Ensure compliance with SLAs for monitoring, triage, response, and reporting - Manage delivery of required reports (weekly, monthly, quarterly, and incident reports) - Coordinate incident response activities and escalation for high-severity events - Lead program planning, scheduling, risk management, and resource allocation - Ensure alignment with Microsoft Sentinel and Defender-based security operations - Oversee log management, ingestion health, and reporting deliverables - Coordinate vulnerability and patch management reporting and remediation tracking - Ensure compliance with NIST standards, IRS 1075, and federal security requirements - Lead continuous improvement initiatives including detection engineering and automation - Support disaster recovery (DR) and continuity testing activities
cFocus Software seeks a Senior Security Engineer to join our program supporting the Congressional Budget Office (CBO). This position is remote. This position requires a Public Trust clearance. Qualifications: - Active Public Trust clearance - B.S. Computer Science, Information Technology, or a related field - 8+ years of Security Engineering experience - Strong experience with Microsoft Sentinel (SIEM) operations and engineering - Experience with Microsoft Defender for Endpoint (MDE) and Defender for Identity (MDI) - Knowledge of AWS logging (CloudTrail, VPC Flow Logs) and cloud security monitoring - Experience with log ingestion, normalization, and schema mapping - Understanding of incident response, threat detection, and SOC operations - Familiarity with NIST frameworks (800-53, 800-61, 800-92) and Zero Trust principles - Experience with detection engineering and threat hunting methodologies - Preferred certifications include but are not limited to - GCIA, GCIH, CISSP, CEH, or equivalent cybersecurity certifications - Microsoft Sentinel or Microsoft security platform certifications - Relevant cloud security certifications (e.g., AWS security) - Privacy certifications (e.g., CIPP/US, CIPM) where applicable Duties: - Review Microsoft Sentinel log ingestion, pipeline health, and monitoring coverage - Validate, develop, and tune detection use cases aligned with MITRE ATT&CK - Identify telemetry gaps and ensure proper ingestion and normalization of logs - Coordinate remediation activities with CBO IRM staff - Support vulnerability prioritization and patch governance validation - Validate log routing, transformation, and normalization (e.g., Cribl or similar tools) - Provide technical support during security incidents and escalation events - Support detection engineering, threat hunting, and SOC automation initiatives - Ensure alignment with Microsoft Defender (Endpoint, Identity) and AWS log sources
cFocus Software seeks a Tier 1 SOC Analyst to join our program supporting the Congressional Budget Office (CBO). This position is remote. This position requires a Public Trust clearance. Qualifications: - Active Public Trust clearance - B.S. Computer Science, Information Technology, or a related field - Foundational knowledge of cybersecurity principles and SOC operations - Familiarity with SIEM tools, preferably Microsoft Sentinel - Understanding of common attack vectors and MITRE ATT&CK framework - Basic knowledge of networking, operating systems (Windows/macOS), and cloud environments - Strong analytical and problem-solving skills - Ability to follow procedures and work in a shift-based environment - Relevant certifications (e.g., Security+, CySA+, or equivalent) - Experience with Microsoft Defender tools (Endpoint, Identity) - Exposure to log analysis and incident response processes - Preferred certifications include but are not limited to - GCIA, GCIH, CISSP, CEH, or equivalent cybersecurity certifications - Microsoft Sentinel or Microsoft security platform certifications - Relevant cloud security certifications (e.g., AWS security) - Privacy certifications (e.g., CIPP/US, CIPM) where applicable Duties: - Monitor security alerts and events using SIEM tools (e.g., Microsoft Sentinel) - Perform initial triage and validation of alerts to determine legitimacy - Escalate confirmed or suspicious incidents to Tier II analysts per defined procedures - Document incidents, actions taken, and findings in ticketing systems - Follow established playbooks and standard operating procedure - Assist with log review across identity, endpoint, network, and cloud environments - Support reporting requirements by contributing to weekly and monthly SOC reports - Maintain situational awareness of emerging threats and indicators of compromise
cFocus Software seeks a Tier 2 SOC Analyst to join our program supporting the Congressional Budget Office (CBO). This position is remote. This position requires a Public Trust clearance. Qualifications: - Active Public Trust clearance - B.S. Computer Science, Information Technology, or a related field - 2+ years of SOC Analyst experience - Strong knowledge of cybersecurity operations and incident response processes - Experience with SIEM platforms, preferably Microsoft Sentinel - Understanding of MITRE ATT&CK framework and threat actor tactics - Experience analyzing logs from endpoints, networks, cloud, and identity systems - Familiarity with Microsoft Defender tools (Endpoint, Identity) and cloud platforms (AWS) - Experience with digital forensics and malware analysis - Familiarity with SOAR tools and automation workflows - Experience supporting federal or regulated environments (NIST, CUI, etc.) - Ability to perform threat hunting and advanced correlation analysis - Preferred certifications include but are not limited to - GCIA, GCIH, CISSP, CEH, or equivalent cybersecurity certifications - Microsoft Sentinel or Microsoft security platform certifications - Relevant cloud security certifications (e.g., AWS security) - Privacy certifications (e.g., CIPP/US, CIPM) where applicable Duties: - Perform advanced analysis and investigation of escalated security alerts and incidents - Conduct root cause analysis (RCA) and determine scope and impact of incidents - Support incident response activities including containment, eradication, and recovery - Perform threat hunting across identity, endpoint, network, cloud, and application logs - Correlate events across multiple data sources within SIEM (Microsoft Sentinel) - Develop and tune detection rules, analytics, and use cases - Maintain and improve SOC playbooks and incident response procedures - Provide detailed documentation of investigations, findings, and remediation actions - Support reporting requirements including contributions to monthly and quarterly reports - Collaborate with Tier I and Tier III analysts, engineers, and stakeholders
cFocus Software seeks a Tier 3 SOC Analyst to join our program supporting the Congressional Budget Office (CBO). This position is remote. This position requires a Public Trust clearance. Qualifications: - Active Public Trust clearance - B.S. Computer Science, Information Technology, or a related field - 5+ years of SOC Analyst experience - Expert knowledge of incident response, threat hunting, and detection engineering - Advanced experience with Microsoft Sentinel (SIEM) and Microsoft Defender tools - Strong understanding of MITRE ATT&CK framework and adversary tactics - Experience with digital forensics and malware analysis techniques - Ability to analyze logs across identity, endpoint, network, and cloud environments - Strong knowledge of AWS logs (CloudTrail, VPC Flow Logs) and enterprise security tools - Experience with KQL (Kusto Query Language) and advanced correlation analysis - Deep understanding of NIST frameworks (800-53, 800-61, 800-92) and Zero Trust principles - Experience with SOAR platforms and automation (Logic Apps, Sentinel playbooks) - Experience supporting federal environments and compliance (CUI, FTI, NIST, IRS 1075) - Experience leading incident response engagements and reporting to leadership - Preferred certifications include but are not limited to - GCIA, GCIH, CISSP, CEH, or equivalent cybersecurity certifications - Microsoft Sentinel or Microsoft security platform certifications - Relevant cloud security certifications (e.g., AWS security) - Privacy certifications (e.g., CIPP/US, CIPM) where applicable Duties: - Lead investigation and response for complex and high-severity security incidents - Perform advanced threat hunting using Microsoft Sentinel and Defender platforms - Conduct digital forensics, malware analysis, and root cause analysis (RCA) - Develop, tune, and optimize detection rules, analytics, and correlation logic - Map detections and activities to MITRE ATT&CK framework - Oversee incident lifecycle management (detection through containment, eradication, and recovery) - Support and improve SOC playbooks, automation workflows, and response procedures - Provide mentorship and guidance to Tier I and Tier II analysts - Identify security control gaps and recommend remediation strategies - Support red team, purple team, and adversary emulation exercises - Contribute to incident reports, quarterly threat reviews, and executive briefings
cFocus Software is seeking a highly skilled Mid-Level Information Systems Security Officer (ISSO) to support the Enterprise Security Services (ESS) program. This role is responsible for ensuring compliance with federal cybersecurity requirements, maintaining security documentation, and supporting system authorization and continuous monitoring activities. The successful candidate will oversee security control assessments, provide risk management guidance, and collaborate with stakeholders to maintain secure system configurations in alignment with the ESS Performance Work Statement (PWS). Responsibilities Security Governance - Oversee the implementation and enforcement of system security requirements as defined by the PWS. - Ensure compliance with federal cybersecurity policies, including NIST RMF, FISMA, and FedRAMP. - Support and maintain system security plans (SSPs), risk assessments, and authorization documentation. - Collaborate with system owners, administrators, and engineers to maintain secure system configurations. Risk & Compliance Management - Lead security control assessments and support continuous monitoring activities. - Conduct vulnerability assessments, risk analyses, and recommend remediation strategies. - Support audits, inspections, and authorization processes (ATO/ATC). - Develop, maintain, and track Plans of Action and Milestones (POA&Ms). Documentation & Reporting - Develop and deliver security documentation, reports, and briefings to leadership and stakeholders. - Ensure timely and accurate reporting of cybersecurity posture, risks, and incidents. - Maintain accurate and up-to-date security artifacts to support compliance and accreditation efforts. Mentorship & Collaboration - Mentor and provide guidance to junior ISSOs and cybersecurity staff. - Collaborate with internal and external stakeholders to resolve security concerns and support mission objectives. Required Experience - 6+ years of cybersecurity experience, with at least 3+ years as an ISSO in a federal environment. - Strong knowledge of NIST SP 800-53, Risk Management Framework (RMF), and federal cybersecurity policies. - Experience developing and maintaining security documentation (SSPs, SARs, POA&Ms, etc.). - Proficiency in vulnerability management, incident response, and continuous monitoring practices. - Demonstrated ability to brief senior leadership and communicate effectively across technical and non-technical stakeholders. Education & Certifications - Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field. - Relevant cybersecurity certifications (e.g., CISSP, CISM, CISA, CAP, or equivalent). - Master’s degree preferred. Clearance Requirement - Active Public Trust clearance required.
41more opportunities are still waiting for you.Log in now and take your next shot before someone else does.