cFocus Software seeks a Tier 1 SOC Analyst to join our program supporting the Congressional Budget Office (CBO). This position is remote. This position requires a Public Trust clearance. Qualifications: - Active Public Trust clearance - B.S. Computer Science, Information Technology, or a related field - Foundational knowledge of cybersecurity principles and SOC operations - Familiarity with SIEM tools, preferably Microsoft Sentinel - Understanding of common attack vectors and MITRE ATT&CK framework - Basic knowledge of networking, operating systems (Windows/macOS), and cloud environments - Strong analytical and problem-solving skills - Ability to follow procedures and work in a shift-based environment - Relevant certifications (e.g., Security+, CySA+, or equivalent) - Experience with Microsoft Defender tools (Endpoint, Identity) - Exposure to log analysis and incident response processes - Preferred certifications include but are not limited to - GCIA, GCIH, CISSP, CEH, or equivalent cybersecurity certifications - Microsoft Sentinel or Microsoft security platform certifications - Relevant cloud security certifications (e.g., AWS security) - Privacy certifications (e.g., CIPP/US, CIPM) where applicable Duties: - Monitor security alerts and events using SIEM tools (e.g., Microsoft Sentinel) - Perform initial triage and validation of alerts to determine legitimacy - Escalate confirmed or suspicious incidents to Tier II analysts per defined procedures - Document incidents, actions taken, and findings in ticketing systems - Follow established playbooks and standard operating procedure - Assist with log review across identity, endpoint, network, and cloud environments - Support reporting requirements by contributing to weekly and monthly SOC reports - Maintain situational awareness of emerging threats and indicators of compromise

cFocus Software seeks a Tier 2 SOC Analyst to join our program supporting the Congressional Budget Office (CBO). This position is remote. This position requires a Public Trust clearance. Qualifications: - Active Public Trust clearance - B.S. Computer Science, Information Technology, or a related field - 2+ years of SOC Analyst experience - Strong knowledge of cybersecurity operations and incident response processes - Experience with SIEM platforms, preferably Microsoft Sentinel - Understanding of MITRE ATT&CK framework and threat actor tactics - Experience analyzing logs from endpoints, networks, cloud, and identity systems - Familiarity with Microsoft Defender tools (Endpoint, Identity) and cloud platforms (AWS) - Experience with digital forensics and malware analysis - Familiarity with SOAR tools and automation workflows - Experience supporting federal or regulated environments (NIST, CUI, etc.) - Ability to perform threat hunting and advanced correlation analysis - Preferred certifications include but are not limited to - GCIA, GCIH, CISSP, CEH, or equivalent cybersecurity certifications - Microsoft Sentinel or Microsoft security platform certifications - Relevant cloud security certifications (e.g., AWS security) - Privacy certifications (e.g., CIPP/US, CIPM) where applicable Duties: - Perform advanced analysis and investigation of escalated security alerts and incidents - Conduct root cause analysis (RCA) and determine scope and impact of incidents - Support incident response activities including containment, eradication, and recovery - Perform threat hunting across identity, endpoint, network, cloud, and application logs - Correlate events across multiple data sources within SIEM (Microsoft Sentinel) - Develop and tune detection rules, analytics, and use cases - Maintain and improve SOC playbooks and incident response procedures - Provide detailed documentation of investigations, findings, and remediation actions - Support reporting requirements including contributions to monthly and quarterly reports - Collaborate with Tier I and Tier III analysts, engineers, and stakeholders

cFocus Software seeks a Tier 3 SOC Analyst to join our program supporting the Congressional Budget Office (CBO). This position is remote. This position requires a Public Trust clearance. Qualifications: - Active Public Trust clearance - B.S. Computer Science, Information Technology, or a related field - 5+ years of SOC Analyst experience - Expert knowledge of incident response, threat hunting, and detection engineering - Advanced experience with Microsoft Sentinel (SIEM) and Microsoft Defender tools - Strong understanding of MITRE ATT&CK framework and adversary tactics - Experience with digital forensics and malware analysis techniques - Ability to analyze logs across identity, endpoint, network, and cloud environments - Strong knowledge of AWS logs (CloudTrail, VPC Flow Logs) and enterprise security tools - Experience with KQL (Kusto Query Language) and advanced correlation analysis - Deep understanding of NIST frameworks (800-53, 800-61, 800-92) and Zero Trust principles - Experience with SOAR platforms and automation (Logic Apps, Sentinel playbooks) - Experience supporting federal environments and compliance (CUI, FTI, NIST, IRS 1075) - Experience leading incident response engagements and reporting to leadership - Preferred certifications include but are not limited to - GCIA, GCIH, CISSP, CEH, or equivalent cybersecurity certifications - Microsoft Sentinel or Microsoft security platform certifications - Relevant cloud security certifications (e.g., AWS security) - Privacy certifications (e.g., CIPP/US, CIPM) where applicable Duties: - Lead investigation and response for complex and high-severity security incidents - Perform advanced threat hunting using Microsoft Sentinel and Defender platforms - Conduct digital forensics, malware analysis, and root cause analysis (RCA) - Develop, tune, and optimize detection rules, analytics, and correlation logic - Map detections and activities to MITRE ATT&CK framework - Oversee incident lifecycle management (detection through containment, eradication, and recovery) - Support and improve SOC playbooks, automation workflows, and response procedures - Provide mentorship and guidance to Tier I and Tier II analysts - Identify security control gaps and recommend remediation strategies - Support red team, purple team, and adversary emulation exercises - Contribute to incident reports, quarterly threat reviews, and executive briefings

Role Description Support the implementation and operation of AI security and MLSecOps initiatives across the AI lifecycle, including data ingestion, model development, deployment, and monitoring. - Assist in identifying and analyzing AI-specific risks such as prompt injection, data poisoning, and model misuse, contributing to secure-by-design practices. - Participate in AI security assessments, helping document risks, controls, and mitigation strategies under guidance from senior team members. - Contribute to the implementation of security controls across AI systems, including data pipelines, APIs, and model environments. - Support alignment with enterprise security frameworks and standards such as NIST AI RMF, ISO, and internal governance policies. Key Responsibilities - Delivery & Execution - Assist in conducting AI/ML risk assessments, threat modeling exercises, and control evaluations. - Support the deployment and testing of security controls within AI/ML pipelines and cloud environments. - Help monitor AI systems for vulnerabilities, anomalies, and compliance issues. - Contribute to security testing activities such as basic adversarial testing and validation under supervision. - Engineering & Technical Support - Work alongside engineers and consultants to integrate security into MLOps and DevOps workflows. - Support secure configuration of cloud-based AI platforms (e.g., AWS, Azure, GCP). - Assist with documentation of system architectures, security requirements, and technical findings. - Client Support - Contribute to client deliverables including reports, presentations, and documentation. - Support project teams in meeting deadlines and maintaining quality standards. - Participate in client meetings, capturing notes and action items. - Learning & Development - Build foundational knowledge in AI security, cloud security, and cybersecurity frameworks. - Stay informed on emerging AI threats, vulnerabilities, and industry trends. - Participate in internal training and knowledge-sharing initiatives. - Collaboration - Work closely with cross-functional teams including developers, engineers, and security professionals. - Support implementation of enterprise AI security standards and best practices. Qualifications - 0–3 years of experience in cybersecurity, IT, software engineering, or a related field - Basic understanding of cybersecurity principles (network security, IAM, application security) - Exposure to cloud platforms (AWS, Azure, or GCP) and/or AI/ML concepts is a plus - Familiarity with scripting or programming (e.g., Python) preferred - Strong analytical, problem-solving, and communication skills - Eagerness to learn and grow in AI security and consulting environments Requirements - A reasonable estimate of the current base pay range for this position is $70,000 to $80,000 annually. - Actual salary will be based on a variety of factors, including shift, location, experience, skill set, performance, licensure and certification, and business needs. - The range for this position in other geographic locations may differ. - Certain positions may also be eligible for variable incentive compensation, such as bonuses or commissions, that is not included in the base pay. Benefits - Health and Wellbeing: Health, Dental, and Vision Care, Onsite Health Centers, Employee Assistance Program, Wellness program - Financial Benefits: Competitive pay, Profit Sharing, 401k Plan with Company Matching, Life and Disability Insurance, Tuition Reimbursement - Paid Time Off: PTO and Sick Leave (starting at 20 days per year) & Holidays (10 per year), Parental Leave, Military Leave, Bereavement - Additional Perks: Nursing Mothers Benefits, Voluntary Legal, Pet Insurance, Employee Discount Program