cFocus Softwareorporated logo

cFocus Softwareorporated

Remote Jobs

29 open rolesLatest: Jul 1, 2026, 1:18 PM UTC
Post Date
Minimum Salary
Experience

29 Jobs

Role Description cFocus Software seeks a Vulnerability Analyst to join our program supporting the National Institutes of Health (NIH). This position is fully remote. This position requires a Public Trust or the ability to obtain a public trust clearance. - Direct vulnerability scanning activities across NIH enterprise systems. - Develop enterprise vulnerability management strategies. - Establish vulnerability assessment priorities based upon risk. - Continuously improve enterprise vulnerability management capabilities. - Analyze enterprise vulnerability scan results. - Perform vulnerability prioritization using risk-based methodologies. - Identify critical vulnerabilities requiring immediate remediation. - Evaluate exploitability and business impact. - Conduct root cause analysis. - Validate corrective actions. - Track vulnerability trends and recurring issues. - Coordinating remediation efforts with System Owners. - Tracking remediation progress. - Monitoring SLA compliance. - Escalating critical vulnerabilities within required timeframes. - Validating remediation completion. - Supporting risk acceptance processes. - Reducing enterprise cybersecurity risk. - Monitoring aging vulnerabilities. Qualifications - Public Trust Clearance - B.S. Computer Science, Information Technology, or a related field - 7+ years with vulnerability assessments or vulnerability management programs. - Experience managing enterprise vulnerability scanning solutions. - Experience with penetration testing efforts. - Experience supporting Federal cybersecurity programs. - Experience with RMF, FISMA, and NIST guidance. - Experience developing executive cybersecurity reports. - Ability to obtain and maintain NIH suitability/background investigation.

United States

Role Description cFocus Software seeks a Incident Response Analyst to join our program supporting the National Institutes of Health (NIH). This position is fully remote. This position requires a Public Trust or the ability to obtain a public trust clearance. Qualifications - Public Trust Clearance - B.S. Computer Science, Information Technology, or a related field - 5+ years of cybersecurity experience - 5+ years supporting cybersecurity incident response or Security Operations Center (SOC) environments - Experience investigating security incidents across Windows, Linux, cloud, and enterprise networks - Experience with SIEM technologies and security monitoring platforms - Experience performing incident triage and root cause analysis - Knowledge of malware analysis and digital forensics concepts - Understanding of NIST Cybersecurity Framework and NIST SP 800-61 Incident Handling Guide - Ability to obtain and maintain required NIH suitability/background investigation - Active GCIH, GCFA, GCIA, CISSP, CySA+, Security+, CEH, CHFI, CISM, or GSEC Requirements - Monitor security events across the NIH/OD-OIT environment - Detect, analyze, and respond to cybersecurity incidents affecting enterprise systems - Perform incident triage to determine scope, severity, urgency, and operational impact - Support incident containment, eradication, recovery, and restoration activities - Investigate suspected security incidents within established response time requirements - Coordinate incident handling activities with NIH and HHS cybersecurity organizations - Monitor enterprise security logs and alerts - Perform network and host-based intrusion detection - Monitor cloud applications and cloud infrastructure - Support continuous 24x7 security monitoring operations - Identify indicators of compromise (IOCs) and suspicious activity

United States

Role Description The Cyber Threat Intelligence Analyst supports the Small Business Administration (SBA) Enterprise Cybersecurity Services (ECS) program by delivering advanced cyber threat intelligence, threat analysis, proactive threat hunting, and operational cybersecurity support services. The Cyber Threat Intelligence Analyst is responsible for: - Collecting, analyzing, correlating, and disseminating actionable cyber threat intelligence to support the SBA Security Operations Center (SOC), cybersecurity operations, incident response activities, and enterprise risk mitigation efforts. - Supporting 24x7x365 cybersecurity operations through advanced analysis of indicators of compromise (IOCs), adversary tactics, techniques, and procedures (TTPs), emerging vulnerabilities, and threat actor activity impacting federal information systems and cloud environments. Qualifications - Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, Intelligence Studies, Information Assurance, or related discipline. Relevant experience may substitute for degree requirements. - Minimum of 5 years of experience supporting cybersecurity operations, cyber threat intelligence, threat hunting, incident response, or SOC operations. - Experience analyzing threat intelligence, indicators of compromise, adversary TTPs, and cybersecurity attack methodologies. - Hands-on experience with SIEM, EDR, IDS/IPS, network analysis, and cyber defense tools. - Experience conducting threat hunting and advanced event correlation across enterprise environments. - Knowledge of federal cybersecurity frameworks and guidance including NIST SP 800-61, NIST SP 800-53, and CISA operational guidance. - Understanding of MITRE ATT&CK framework and cyber kill chain methodologies. - Experience with cloud security monitoring and threat analysis in Microsoft Azure, AWS, Microsoft 365, and hybrid environments. - Strong analytical, investigative, communication, and reporting skills. - Ability to support 24x7x365 cybersecurity operational environments. Requirements - Provide cyber threat intelligence and operational analysis support for the SBA SOC in support of Task Area 3.5.3 Cybersecurity Operations Support. - Conduct proactive cyber threat hunting activities across enterprise systems, cloud environments, endpoints, and network infrastructure. - Analyze indicators of compromise (IOCs), threat actor tactics, techniques, and procedures (TTPs), malware behaviors, and emerging cyber threats. - Monitor and evaluate cyber threat intelligence feeds, vendor reporting, CISA advisories, US-CERT alerts, and external intelligence sources. - Perform advanced correlation and analysis of security events, SIEM data, IDS/IPS alerts, EDR telemetry, DNS logs, firewall logs, and network traffic. - Support incident response and cybersecurity investigations through intelligence-driven analysis and threat attribution support. - Develop cyber threat intelligence reports, operational briefings, situational awareness products, and executive-level summaries. - Assist with the identification of previously unknown attack vectors and suspicious activity through threat hunting and anomaly analysis. - Support digital forensics and incident analysis activities in coordination with SOC analysts, engineers, and incident responders. - Develop and maintain threat intelligence playbooks, threat models, attack scenarios, and adversary profiles. - Perform analysis of cloud security events and cyber threats impacting Microsoft 365, Azure, AWS, Salesforce, and hybrid cloud environments. - Conduct research on advanced persistent threats (APTs), ransomware groups, insider threats, nation-state actors, and emerging cyber attack trends. - Provide recommendations for defensive countermeasures, detection logic improvements, and enhanced security monitoring capabilities. - Assist in the development of threat signatures, SIEM use cases, detection analytics, and threat detection content. - Support continuous improvement of cybersecurity operations, threat intelligence workflows, and incident response processes. - Coordinate with federal stakeholders, law enforcement, privacy officials, insider threat teams, and mission partners during cyber incident activities. - Document investigative findings, intelligence assessments, and operational actions within case management and reporting systems. - Participate in SOC operational meetings, shift briefings, incident coordination calls, and cybersecurity readiness activities. - Maintain awareness of evolving cybersecurity technologies, federal threat reporting requirements, and NIST cybersecurity guidance. - Support cybersecurity communications, intelligence sharing, and collaboration activities across the SBA enterprise. Benefits - GIAC Cyber Threat Intelligence (GCTI) - GIAC Certified Incident Handler (GCIH) - GIAC Certified Forensic Analyst (GCFA) - Certified Information Systems Security Professional (CISSP) - CompTIA CySA+ - Certified Ethical Hacker (CEH) - Splunk Enterprise Security Certified Admin - Microsoft Security Operations Analyst Associate (SC-200)

United States
Job Closed

Role Description The Privacy and Controlled Unclassified Information (CUI) Lead supports the Small Business Administration (SBA) Enterprise Cybersecurity Services (ECS) program by leading enterprise privacy, controlled unclassified information (CUI), data governance, and regulatory compliance initiatives. The Privacy and CUI Lead is responsible for managing privacy compliance activities, CUI governance processes, risk management coordination, data protection initiatives, privacy impact assessments, policy development, training support, audit coordination, and continuous monitoring activities supporting SBA systems, applications, cloud services, and enterprise operations. The role serves as the primary interface between program stakeholders, cybersecurity teams, system owners, legal personnel, and agency leadership regarding privacy and sensitive information protection requirements. - Lead SBA enterprise privacy and Controlled Unclassified Information (CUI) management activities supporting the ECS program. - Provide oversight and coordination for Task Area 3.5.5 Privacy and Controlled Unclassified Information Support activities. - Develop, implement, update, and maintain privacy and CUI policies, procedures, standards, governance documentation, and operational processes. - Support compliance with applicable federal privacy and information protection requirements including the Privacy Act of 1974, FISMA, OMB Circular A-130, NIST SP 800-53 Rev 5, NIST SP 800-171 Rev 3, and SBA cybersecurity/privacy policies. - Lead Privacy Impact Assessments (PIAs), System of Records Notices (SORNs), data flow reviews, and privacy compliance assessments for SBA systems and services. - Manage CUI identification, categorization, marking, handling, safeguarding, dissemination, storage, and destruction activities in accordance with federal standards. - Coordinate privacy and CUI risk management activities with ISSOs, system owners, cybersecurity operations teams, legal counsel, and agency stakeholders. - Support implementation and assessment of privacy and security controls across enterprise systems, cloud environments, SaaS platforms, and hybrid infrastructures. - Provide guidance regarding data minimization, records retention, information sharing, encryption, and data protection best practices. - Support ongoing authorization, continuous monitoring, and security assessment activities related to privacy and CUI controls. - Assist with cybersecurity incident response and breach response activities involving personally identifiable information (PII) or CUI exposure. - Coordinate audit support activities for privacy, CUI, FISMA, Inspector General (IG), GAO, and internal compliance reviews. - Develop and maintain enterprise privacy and CUI dashboards, metrics, risk registers, and reporting mechanisms. - Support enterprise risk management (ERM) activities related to privacy risks, data protection risks, and sensitive information exposure. - Coordinate and deliver privacy and CUI awareness training, onboarding support, and role-based training initiatives. - Provide strategic recommendations regarding privacy governance, data protection technologies, and federal compliance initiatives. - Support FedRAMP continuous monitoring activities involving privacy and CUI requirements for cloud service providers. - Review system architectures, data flows, and operational processes to identify privacy risks and recommend mitigation strategies. - Ensure all deliverables align with SBA implementation procedures, federal mandates, and applicable accessibility requirements including Section 508. - Lead cross-functional coordination meetings involving cybersecurity, compliance, operations, legal, and program management personnel. - Provide management oversight, task coordination, schedule management, quality assurance, and status reporting for assigned privacy and CUI initiatives. Qualifications - Bachelor’s degree in Cybersecurity, Information Assurance, Information Systems, Public Policy, Business Administration, Computer Science, Legal Studies, or related field. Relevant experience may substitute for degree requirements. - Minimum of 10 years of experience supporting federal cybersecurity, privacy, compliance, information assurance, governance, risk management, or CUI-related programs. - Minimum of 5 years of experience leading enterprise privacy, compliance, governance, or cybersecurity initiatives. - Extensive knowledge of federal privacy regulations, cybersecurity frameworks, and controlled unclassified information requirements. - Experience supporting NIST Risk Management Framework (RMF), FISMA compliance, and federal cybersecurity assessment activities. - Strong understanding of NIST SP 800-53 Rev 5, NIST SP 800-171 Rev 3, Privacy Act requirements, FedRAMP, OMB A-130, and Zero Trust principles. - Experience developing privacy documentation, compliance reports, governance processes, risk assessments, and executive-level briefings. - Experience supporting cloud security and privacy compliance across Azure, AWS, Microsoft 365, Salesforce, or SaaS environments. - Strong project management, analytical, communication, and stakeholder engagement skills. - Experience coordinating cross-functional teams in complex federal IT and cybersecurity environments. - Excellent written communication and technical documentation skills. - Experience supporting federal agencies or government cybersecurity/privacy environments preferred. Preferred Certifications - Certified Information Systems Security Professional (CISSP) - Certified Information Privacy Professional/Government (CIPP/G) - Certified Information Privacy Manager (CIPM) - Certified Information Systems Auditor (CISA) - Certified Authorization Professional (CAP) - Project Management Professional (PMP) - Certified in Risk and Information Systems Control (CRISC) - GIAC Information Security Fundamentals (GISF) - Federal Risk and Authorization Management Program (FedRAMP) experience - ITIL Foundation Certification

United States
Job Closed

Role Description The Cyber Senior Program Manager shall provide executive-level leadership, oversight, coordination, and management for enterprise cybersecurity operations and compliance activities supporting the U.S. Small Business Administration (SBA) Enterprise Cybersecurity Services (ECS) effort. The individual will be responsible for the successful execution of all contract requirements associated with Program Management identified in Task Area 3.5.1 of the Performance Work Statement (PWS), including management of contractor personnel, subcontractors, schedules, deliverables, quality assurance, financial reporting, and customer engagement activities. Key Responsibilities - Serve as the primary point of contact between the Contractor and SBA leadership, Contracting Officer (CO), Contracting Officer Representative (COR), and stakeholders. - Provide overall program leadership, strategic direction, administration, and quality control for all ECS task areas and cybersecurity operations. - Develop, maintain, and execute the Program Management Plan (PMP), including transition planning, staffing strategies, risk management, quality management, and work breakdown schedules. - Manage contractor and subcontractor personnel supporting enterprise cybersecurity, RMF, SOC, incident response, vulnerability management, and compliance activities. - Monitor contract performance to ensure compliance with all RFQ, PWS, SLA, QASP, federal cybersecurity mandates, and agency requirements. - Lead monthly Program Management Reviews (PMRs), status meetings, executive briefings, and stakeholder engagements. - Prepare and deliver project status reports, financial reports, staffing reports, meeting minutes, and other contractual deliverables. - Coordinate resolution of programmatic, operational, technical, staffing, and performance issues while ensuring timely communication with the Government. - Provide oversight for cybersecurity initiatives aligned with NIST, FISMA, FedRAMP, Zero Trust, OMB directives, and SBA cybersecurity policies. - Ensure all program deliverables meet quality standards, Section 508 compliance requirements, and established timelines. - Support workforce planning, surge support requirements, and 24x7x365 cybersecurity operational readiness. - Maintain awareness of emerging cybersecurity threats, technologies, and federal compliance requirements to support continuous program improvement. - Support risk management activities, escalation procedures, and mitigation strategies across all task areas. - Ensure all personnel maintain required certifications, background investigations, and security eligibility requirements. Qualifications - Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, Engineering, Business Administration, or related discipline. Master’s degree preferred. - Minimum of fifteen (15) years of progressive experience managing large-scale federal cybersecurity and information technology programs. - Minimum of ten (10) years of experience leading enterprise cybersecurity initiatives supporting federal agencies. - Demonstrated experience managing programs involving RMF, FISMA, SOC operations, vulnerability management, incident response, continuous monitoring, and compliance reporting. - Experience managing geographically dispersed teams in hybrid and/or 24x7 operational environments. - Strong knowledge of NIST SP 800-series publications, OMB mandates, FedRAMP, Zero Trust Architecture, and federal cybersecurity frameworks. - Demonstrated ability to manage budgets, schedules, staffing, subcontractors, risk management, and executive communications. - Excellent verbal and written communication skills, including executive-level reporting and briefing experience. - Project Management Professional (PMP) certification preferred. - Relevant cybersecurity certification(s) such as CISSP, CISM, GSLC, or equivalent preferred. - Ability to obtain and maintain a Moderate Risk background investigation; must be eligible for Top Secret clearance if required during contract performance. Desired Experience - Experience supporting SBA, DHS, CISA, or other civilian federal agencies. - Experience leading enterprise cybersecurity modernization and Zero Trust initiatives. - Experience managing cybersecurity operations in cloud and hybrid environments including AWS, Azure, Microsoft 365, and SaaS platforms.

United States
Job Closed

Role Description The Cyber Threat Intelligence & Threat Hunting Lead will oversee integrated cyber threat intelligence (CTI), detection engineering, and proactive threat hunting operations supporting enterprise cyber defense missions. The Lead will drive development of intelligence-driven detections, hunt methodologies, adversary tracking, SIEM content engineering, and operational threat-informed defense capabilities. - Lead CTI, detection engineering, and threat hunting operations. - Develop intelligence-driven detection and hunt strategies. - Produce operational and strategic threat intelligence reporting. - Develop and maintain: - SIEM detections, - analytics, - correlation rules, - behavioral detections, - and hunt playbooks. - Conduct hypothesis-based threat hunting aligned to: - MITRE ATT&CK, - adversary TTPs, - malware campaigns, - and emerging threats. - Integrate CTI into SOC workflows, detection engineering, and incident response operations. - Analyze: - malware trends, - adversary infrastructure, - campaigns, - indicators, - and attack patterns. - Support automation and SOAR integration initiatives. - Brief executives and technical leadership on emerging threats and operational risk. Qualifications - 10+ years of cybersecurity operations experience. - 5+ years supporting CTI, threat hunting, or detection engineering programs. - Experience with: - Splunk, - Sentinel, - CrowdStrike, - EDR telemetry, - detection content engineering, - and intelligence platforms. - Strong understanding of: - MITRE ATT&CK, - adversary tradecraft, - malware analysis, - and intelligence analysis methodologies. - Experience developing: - SIEM detections, - hunt analytics, - detection tuning, - and operational reporting. Preferred Certifications - GCTI - GCFA - GCIH - GMON - GCDA - CISSP - Splunk Security certifications

United States
Job Closed

Role Description The SOC Operations Lead will oversee 24x7x365 Security Operations Center (SOC) and Managed Detection & Response (MDR) operations supporting a large federal enterprise environment. The Lead will direct SOC analysts, incident responders, and MDR personnel responsible for security monitoring, alert triage, incident analysis, escalation, containment coordination, reporting, and continuous operational improvement. The ideal candidate possesses deep experience leading enterprise SOC operations supporting federal agencies, including SIEM operations, endpoint detection and response (EDR), cloud security monitoring, incident coordination, and executive cyber reporting. Key Responsibilities - Lead enterprise SOC and MDR operations supporting on-premises and cloud environments. - Oversee 24x7 monitoring, detection, triage, and escalation activities. - Direct operational workflows for: - SIEM monitoring, - alert management, - incident coordination, - case management, - and operational reporting. - Manage analyst teams supporting: - Splunk, - Microsoft Sentinel, - CrowdStrike, - Sysmon, - Windows event logging, - and cloud telemetry platforms. - Develop and maintain SOC SOPs, playbooks, runbooks, escalation matrices, and reporting procedures. - Lead operational metrics reporting including: - MTTD, - MTTR, - false positive rates, - automation effectiveness, - analyst productivity, - and incident impact assessments. - Coordinate closely with Threat Hunting, CTI, Detection Engineering, and Incident Response teams. - Brief executives and government leadership on significant incidents, operational trends, and emerging threats. - Support proposal development, oral presentations, staffing, and transition planning. Qualifications - 10+ years of cybersecurity operations experience. - 5+ years leading enterprise SOC or MDR environments. - Experience supporting federal civilian or DoD environments. - Experience managing large-scale SOC operations in environments exceeding: - 10,000+ users, - enterprise cloud environments, - and large SIEM deployments. - Experience with: - Splunk Enterprise Security, - Microsoft Sentinel, - CrowdStrike, - EDR/XDR platforms, - SOAR technologies, - and cloud security monitoring. - Deep understanding of: - MITRE ATT&CK, - incident response, - detection engineering, - and threat-informed defense. - Strong executive briefing and oral presentation skills. Preferred Certifications - CISSP - GCIA - GCIH - GMON - GSOC - Splunk Architect/Admin certifications - Microsoft Security certifications

United States
Job Closed

Role Description cFocus Software seeks a SOC Analyst to join our program supporting the Federal Communications Commission (FCC). This position is remote and requires the ability to obtain a Public Trust clearance. Qualifications - Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field (or equivalent experience). - Experience in cybersecurity operations, incident response, or related SOC environment. - Familiarity with enterprise IT environments, networks, and security technologies. - Ability to analyze and interpret security data and alerts. - Experience with SIEM platforms (e.g., Splunk, QRadar, Sentinel). - Knowledge of endpoint detection and response (EDR) tools. - Understanding of networking fundamentals (TCP/IP, DNS, HTTP, etc.). - Familiarity with threat intelligence and common attack techniques. - Strong analytical and problem-solving skills. - Ability to work in a fast-paced, 24x7 operational environment. - Effective communication and documentation skills. Requirements - Role-appropriate cybersecurity certifications demonstrating competency in security operations and incident response. - Examples include: CompTIA Security+, CySA+, CEH, GSEC, or other relevant certifications. Duties - Monitor security events and alerts using SIEM and other security monitoring tools. - Analyze logs, alerts, and network traffic to identify potential security incidents. - Perform incident triage, investigation, and escalation in accordance with established procedures. - Document incidents, findings, and response actions in ticketing systems. - Support incident response activities and coordinate with internal teams as needed. - Follow and maintain SOPs, playbooks, and response procedures. - Identify false positives and tune detection rules where appropriate. - Support vulnerability management and threat detection initiatives. - Participate in continuous improvement of SOC processes and capabilities.

United States
Job Closed

Role Description cFocus Software seeks a ISSO Lead to join our program supporting the Federal Communications Commission (FCC). This position is remote and requires the ability to obtain a Public Trust clearance. - Lead RMF lifecycle activities including system authorization, reauthorization, and continuous monitoring. - Develop, maintain, and update security documentation including SSPs, CMPs, contingency plans, and A&A packages. - Manage POA&Ms, risk acceptances, and remediation tracking across enterprise systems. - Serve as liaison between business units and the Office of the CISO. - Support vulnerability management, configuration management, and compliance monitoring. - Lead internal controls testing and Security Control Assessments (SCA). - Coordinate and support internal/external audits (e.g., FISMA, OIG). - Maintain authorization boundary documentation and configuration deviation tracking. - Support risk analysis, reporting, and continuous improvement initiatives. - Facilitate weekly security meetings and stakeholder coordination. Qualifications - Bachelor’s degree in Cybersecurity, Information Technology, or related field (or equivalent experience). - 8+ years of experience in cybersecurity, compliance, or risk management. - Demonstrated experience with RMF, NIST SP 800-53, and federal compliance frameworks. - Experience supporting A&A, POA&M management, and continuous monitoring programs. - Experience in enterprise-scale cybersecurity environments. - Experience with federal environments (FISMA, NIST frameworks). - Experience with GRC tools (e.g., Xacta). - Strong leadership, communication, and stakeholder engagement skills. Requirements - CISSP (Certified Information Systems Security Professional) OR equivalent certification in information security governance/risk.

United States
Job Closed

Role Description cFocus Software seeks a Threat Intelligence/Threat Hunting Analyst to join our program supporting the Federal Communications Commission (FCC). This position is remote and requires the ability to obtain a Public Trust clearance. Qualifications - Bachelor’s degree in Cybersecurity, Information Technology, or related field (or equivalent experience). - Experience in threat intelligence, threat hunting, or cybersecurity operations. - Experience analyzing logs, network traffic, and endpoint data. - Knowledge of MITRE ATT&CK framework and cyber threat lifecycle. - Familiarity with NIST frameworks and RMF processes. - Strong analytical and investigative skills. - Experience with SIEM platforms (e.g., Splunk, QRadar). - Experience with EDR/XDR tools. - Scripting skills (Python, PowerShell) for automation and analysis. - Knowledge of cloud security monitoring. - Strong written and verbal communication skills. Requirements - Role-appropriate cybersecurity certifications (e.g., Security+, CySA+, CEH, GCIH, or equivalent). - Additional certifications in threat intelligence or incident response are preferred. Duties - Conduct proactive threat hunting across enterprise networks, endpoints, and cloud environments. - Analyze threat intelligence feeds, indicators of compromise (IOCs), and tactics, techniques, and procedures (TTPs). - Correlate data from SIEM, EDR, and other security tools to detect malicious activity. - Develop and refine detection rules, use cases, and hunting methodologies. - Investigate security incidents and support incident response activities. - Produce threat intelligence reports and briefings for stakeholders. - Track emerging threats and assess potential impact to the organization. - Support continuous monitoring, RMF processes, and compliance reporting. - Collaborate with SOC, vulnerability management, and engineering teams.

United States
Job Closed

19more opportunities are still waiting for you.Log in now and take your next shot before someone else does.