cFocus Software seeks a Journeyman Information Security Analyst to join our program supporting the Internal Revenue Service (IRS). This position is remote. This position requires a Public Trust clearance. Qualifications: - Active Public Trust clearance - 5 to 8 years of progressively responsible experience in information security, cyber risk management, or IT security operations. - Must include at least 3 years of hands-on experience in system security analysis, vulnerability management, or incident response within a Federal Information Systems Security or equivalent enterprise environment. - Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or related field. - Security+ CE certification required. - Higher-level certifications (e.g., CISSP, CISM, CEH, CAP) preferred and may substitute for additional years of experience. - Knowledge of FISMA, NIST Special Publications, OMB, Risk Management Framework (RMF), and ISCM Plan development. - IT security knowledge with desired Professional Certifications from the International Information System Security Certification Consortium (ISC)2, the International Society for Automation (ISA), the Project Management Institute (PMI), CompTIA, or the SANS Institute - Knowledge of the IRS infrastructure, technologies and general support systems is highly desirable - Knowledge and experience with technology risk assessments covering Webservices, network appliances and software - Knowledge and experience the IRS Enterprise Lifecycle and OneSDLC - Knowledge of System Interconnections to include virtual private network VPN) and other encryption technologies - Knowledge and experience with cloud systems, CSPs, and FedRAMP requirements - Knowledge of IRS Business Units and IT enterprise processes organizational processes within the - Knowledge/experience with Qmulos Q-Compliance, SharePoint, Scanning tools, ServiceNow GRC, SPLUNK - Knowledge and experience with technology security engineering, analysis, and assessment - Knowledge and experience with security architecture principles and system modeling

cFocus Software seeks a Jr. Information Security Analyst to join our program supporting the Internal Revenue Service (IRS). This position is remote. This position requires a Public Trust clearance. Qualifications: - Active Public Trust clearance - 1 to 3 years of relevant professional experience in information security, cyber risk management, network defense, or - Experience may include internships, co-op positions, or hands-on cybersecurity training programs that demonstrate applied understanding of security principles. - Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or a related technical field. - An Associate degree plus 2 additional years of hands-on experience may substitute for a Bachelor’s degree. - CompTIA Security+ CE (or equivalent) required. - Network+, CEH, or CAP certifications preferred. - Knowledge of FISMA, NIST Special Publications, OMB, Risk Management Framework (RMF), and ISCM Plan development. - IT security knowledge with desired Professional Certifications from the International Information System Security Certification Consortium (ISC)2, the International Society for Automation (ISA), the Project Management Institute (PMI), CompTIA, or the SANS Institute - Knowledge of the IRS infrastructure, technologies and general support systems is highly desirable - Knowledge and experience with technology risk assessments covering Webservices, network appliances and software - Knowledge and experience the IRS Enterprise Lifecycle and OneSDLC - Knowledge of System Interconnections to include virtual private network VPN) and other encryption technologies - Knowledge and experience with cloud systems, CSPs, and FedRAMP requirements - Knowledge of IRS Business Units and IT enterprise processes organizational processes within the - Knowledge/experience with Qmulos Q-Compliance, SharePoint, Scanning tools, ServiceNow GRC, SPLUNK - Knowledge and experience with technology security engineering, analysis, and assessment - Knowledge and experience with security architecture principles and system modeling

Role Description This role supports the Information Assurance and Privacy team as a driver of risk management, compliance management, assessments, security controls, and awareness throughout the organization. The Senior Compliance Analyst will play a crucial role in ensuring that our company complies with all regulatory requirements and internal policies. This position involves a deep understanding of eDiscovery and the technology utilized, as well as monitoring, auditing, and reporting on compliance activities, and providing support and guidance to various departments. The role also includes managing incoming security assessments from clients and ensuring vendors are reviewed within the contracting platform. - Develop, implement, and maintain compliance policies and procedures. - Collaborate in the development and maintenance of an information security policy set, including standards and processes that fit the organization at all levels and ensure the confidentiality, integrity, and availability of the enterprises’ information. - Seek and confirm management approval as required. - Liaise with Service Delivery and Product Development to ensure that information security architecture standards, policies, and procedures are available and enacted consistently across application development projects, programs, and eDiscovery workflows. - Assist in conducting regular audits and assessments to ensure adherence to regulatory requirements. - Ensure operational compliance of the information assurance and privacy compliance programs, including but not limited to SOC II, ISO 27001, and HIPAA. - Monitor and analyze regulatory changes and their impact on the company. - Develop and maintain a working knowledge of company's service offerings and products within the eDiscovery industry. - Provide training and support to employees on compliance-related matters within an eDiscovery framework. - Investigate and resolve compliance issues and complaints. - Prepare and submit compliance reports to regulatory bodies and senior management. - Collaborate with client services, sales, legal, finance, and other departments to ensure comprehensive compliance coverage. - Maintain up-to-date knowledge of industry best practices and regulatory developments. - Manage incoming security assessments from clients and ensure timely responses. - Review and assess vendors within the contracting platform to ensure compliance with company standards. - Oversee and maintain risk register, ensuring timely resolutions of open risks. - Ensure that strategic information security and risk guidance is provided to third-party suppliers in accordance with internal frameworks and ensure compliance with enterprise and/or client required controls. - Coordinate with stakeholders, subject matter experts, and external regulators with enterprise incident management, including the identification, reporting, control, and recovery of incidents. - Work with stakeholders to ensure that availability of information is considered in Business Continuity and Disaster Recovery planning. - Coordinate with IT leadership on IT/DR plan development and facilitate tabletop exercises. - Participate in the Information Security Steering Counsel and provide guidance to non-technical members of the council to ensure all members’ effectiveness. - Build sound, collaborative business relationships across the enterprise to enable a strong understanding and close alignment with business needs, direction, and risk appetite. - Foster continuous improvement of enterprise’s information security and privacy compliance through accurate, timely and effective metrics and corrective action programs. - Ability to plan, scope and estimate work effort to produce high quality deliverables in time/on budget. - Perform other related duties as assigned. Qualifications - Bachelor's degree desired. - Minimum of 5 years of experience in compliance or eDiscovery. - Minimum of 3 years providing SaaS services. - Strong understanding of regulatory requirements and compliance standards. - Background in eDiscovery, including experience with eDiscovery tools and processes. - Relativity expertise a strong plus. - Excellent analytical, organizational, and problem-solving skills. - Ability to communicate effectively with all levels of the organization. - Proficiency in compliance management software and tools. - Knowledge of eDiscovery, Application Security, IT Security Policy and governance, Risk Management, Incident Management. - Exceptional interpersonal skills with the ability to speak clearly and with authority to auditors, clients, regulators, and senior company personnel. - Intellectual curiosity and the ability to learn new concepts quickly and efficiently. - Highly solution-focused; strong sense of urgency with a passion for 100% availability. Requirements - Duties are performed in a typical office environment while at a desk or computer table. - Duties require the ability to use a computer, communicate over the telephone, and read printed material, in a quiet and professional setting. - Duties may require being on call periodically and working outside normal working hours (evenings and weekends). Benefits - Comprehensive quality benefits package including medical, dental, vision, and a 401k with company match. - Company paid benefits including Life & AD&D, short and long-term disability, telemedicine, and other wellness plans. - Generous Flexible PTO program and paid volunteer days. - Participation in voluntary insurance plans including accident, hospitalization, and critical illness plans as well as pet insurance. - Eligibility to participate in an annual bonus or incentive program.

Security Analyst What you can expect We are seeking a Security Analyst to monitor, detect, analyse, and respond to security incidents. Leveraging advanced security tools and threat intelligence to protect organizational assets. About the Team The Detection and Response (D&R) team at Zoom is responsible for safeguarding the company's systems and information to protect customers, partners, and employees. This involves assessing business risk and countering potential threats through proactive and reactive measures. D&R encompasses Cyber Threat Intelligence, Security Logging, Detection Engineering, the Security Operations Center, and Incident Response. What we’re looking for - Have a minimum of 3 years of direct experience working in a Security Operations Center or similar environment. With a Bachelor in Engineering or similar field. - Utilize CrowdStrike NG-SIEM and Splunk for security event monitoring and analysis. - Operate CrowdStrike EDR to detect and respond to endpoint threats - Implement Cortex XSOAR for security orchestration, automation and response. - Deploy DLP (Data Loss Prevention) solutions including Cyberhaven and Digital Guardian. - Configure proxy technologies and web filtering using Zscaler. - Analyze threat intel platforms and conduct IOC analysis with Anomaly. - Perform sandboxing analysis using Joe Sandbox and other tools. - Manage ProofPoint Email security, Google admin, and ProofPoint TAP. - Develop scripting and workflow automation using XSOAR. Ways of Working Our structured hybrid approach is centered around our offices and remote work environments. The work style of each role, Hybrid, Remote, or In-Person is indicated in the job description/posting. Benefits As part of our award-winning workplace culture and commitment to delivering happiness, our benefits program offers a variety of perks, benefits, and options to help employees maintain their physical, mental, emotional, and financial health; support work-life balance; and contribute to their community in meaningful ways. Click Learn for more information. About Us Zoomies help people stay connected so they can get more done together. We set out to build the best collaboration platform for the enterprise, and today help people communicate better with products like Zoom Contact Center, Zoom Phone, Zoom Events, Zoom Apps, Zoom Rooms, and Zoom Webinars. We’re problem-solvers, working at a fast pace to design solutions with our customers and users in mind. Find room to grow with opportunities to stretch your skills and advance your career in a collaborative, growth-focused environment. Our Commitment​ At Zoom, we believe great work happens when people feel supported and empowered. We’re committed to fair hiring practices that ensure every candidate is evaluated based on skills, experience, and potential. If you require an accommodation during the hiring process, let us know—we’re here to support you at every step. If you need assistance navigating the interview process due to a medical disability, please submit an Accommodations Request Form and someone from our team will reach out soon. This form is solely for applicants who require an accommodation due to a qualifying medical disability. Non-accommodation-related requests, such as application follow-ups or technical issues, will not be addressed. #LI-Remote