cFocus Software Incorporated

Lead program and project management activities supporting enterprise GIS solutions, ensuring compliance and stakeholder coordination. | Requires 12+ years in GIS consulting and project management, with experience in enterprise GIS, federal IT programs, and Agile methodologies. | cFocus Software seeks a Sr. GIS Consultant / Project Manager to join our program supporting the United States Secret Services (USSS). This position is remote. This position requires the ability a Public Trust clearance. Qualifications: Bachelor’s degree in GIS, Computer Science, Engineering, Information Systems, or related field. Minimum 12 years of experience in GIS consulting and project management. Demonstrated experience managing enterprise-level GIS solutions. Strong knowledge of ESRI ArcGIS Enterprise platforms. Proven experience leading Agile development teams. Experience with federal IT programs and DHS/USSS environments. Duties: Lead program and project management activities supporting the Enterprise GIS. Develop and execute transition-in and transition-out plans. Manage staffing, governance cadence, schedules, and surge support coordination. Serve as primary liaison with USSS stakeholders, COR, and technical teams. Oversee solution engineering, requirements definition, design, development, integration, testing, implementation, operations, and disposition activities. Facilitate Agile development processes, sprint planning, and Kanban tracking. Produce and review technical documentation, status reports, and deliverables. Ensure compliance with FISMA, DHS, and USSS cybersecurity and privacy requirements. Support Authority to Operate (ATO), POA&M management, and security reporting. Ensure Section 508 accessibility considerations are incorporated where applicable.

Lead program and project management activities supporting enterprise GIS solutions, coordinating with stakeholders, and ensuring compliance with federal cybersecurity standards. | Requires a Bachelor's in GIS, Computer Science, or related field, 9+ years of GIS and project management experience, and familiarity with federal IT environments and Agile methodologies. | cFocus Software seeks a Mid-Level GIS Consultant / Project Manager to join our program supporting the United States Secret Services (USSS). This position is remote. This position requires the ability a Public Trust clearance. Qualifications: Bachelor’s degree in GIS, Computer Science, Engineering, Information Systems, or related field. Minimum 9 years of experience in GIS consulting and project management. Demonstrated experience managing enterprise-level GIS solutions. Strong knowledge of ESRI ArcGIS Enterprise platforms. Proven experience leading Agile development teams. Experience with federal IT programs and DHS/USSS environments. Duties: Lead program and project management activities supporting the Enterprise GIS. Develop and execute transition-in and transition-out plans. Manage staffing, governance cadence, schedules, and surge support coordination. Serve as primary liaison with USSS stakeholders, COR, and technical teams. Oversee solution engineering, requirements definition, design, development, integration, testing, implementation, operations, and disposition activities. Facilitate Agile development processes, sprint planning, and Kanban tracking. Produce and review technical documentation, status reports, and deliverables. Ensure compliance with FISMA, DHS, and USSS cybersecurity and privacy requirements. Support Authority to Operate (ATO), POA&M management, and security reporting. Ensure Section 508 accessibility considerations are incorporated where applicable.

Design, develop, and maintain secure, scalable web applications with GIS integration, following best practices and security standards. | Requires 10+ years of application development experience, expertise in JavaScript and React, GIS platform experience, and security knowledge. | cFocus Software seeks a Sr. Application Developer (JavaScript/React) to join our program supporting the United States Secret Services (USSS). This position is remote. This position requires the ability a Public Trust clearance. Qualifications: • Bachelor’s degree in Computer Science, Software Engineering, Information Systems, or related field (or equivalent experience). • Minimum of 10 years of experience in application development, with strong emphasis on JavaScript and React. • Demonstrated experience developing enterprise-scale web applications. • Hands-on experience integrating with GIS platforms such as ESRI ArcGIS Enterprise and REST services. • Strong knowledge of HTML5, CSS3, JavaScript (ES6+), and modern front-end frameworks. • Experience with API integration, asynchronous programming, and state management. • Experience working in Agile/Scrum development environments. • Familiarity with federal cybersecurity requirements, secure coding, and vulnerability remediation. • Ability to obtain and maintain a DHS Tier 4a Background Investigation. Duties: • Design, develop, and maintain secure, scalable web applications using JavaScript, React, and modern front-end frameworks. • Develop user-facing GIS applications and dashboards that integrate with ArcGIS Enterprise, ArcGIS REST APIs, and geospatial services. • Collaborate with GIS architects, system engineers, and back-end developers to implement end-to-end solutions. • Develop reusable UI components and application frameworks following best practices. • Ensure applications meet performance, scalability, and availability requirements. • Implement secure coding practices aligned with DHS and USSS cybersecurity requirements. • Support SELC activities including requirements analysis, design reviews, testing, deployment, operations, and disposition. • Participate in Agile development activities including sprint planning, daily standups, demos, and retrospectives. • Develop and maintain technical documentation, code repositories, and configuration artifacts. • Integrate applications with CI/CD pipelines and automated testing frameworks. • Support application security testing, vulnerability remediation, and code reviews. • Ensure Section 508 accessibility compliance for all developed applications. • Provide Tier 3 support for application issues, incident response, and system enhancements. ELHkpU7SMQ

Design, implement, and manage secure AWS cloud architectures and security controls, ensuring compliance and integration with SIEM and SOC operations. | Minimum of 7 years cybersecurity experience with at least 4 years supporting AWS environments, with relevant certifications like AWS Security – Specialty or Solutions Architect, and knowledge of FedRAMP, FISMA, and NIST standards. | cFocus Software seeks a Sr. AWS Security Engineer to join our program supporting the Department of Health and Human Services (HHS) This position is remote. This position requires the ability a Public Trust clearance. Qualifications: Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, or related field. Minimum of 7 years of cybersecurity experience, with at least 4 years supporting AWS environments. Hands-on experience securing AWS services (EC2, S3, RDS, Lambda, IAM, VPC). Strong knowledge of FedRAMP, FISMA, OMB A-130, and NIST RMF. Experience with CSPM tools and cloud-native security services. Experience integrating cloud security with SIEM and SOC operations. Ability to document architectures, security controls, and procedures.OSCP, GPEN, CEH, or GXPN preferred. Active AWS Certified Security – Specialty or AWS Certified Solutions Architect Active CISSP, CCSP, or equivalent (preferred). Duties: Serve as the Subject Matter Expert (SME) for AWS cloud security architecture and operations. Implement and maintain AWS security controls aligned with NIST SP 800-53 Rev. 5 and FedRAMP. Administer Cloud Security Posture Management (CSPM) solutions to detect misconfigurations and vulnerabilities. Support FedRAMP compliance by reviewing SSPs, CRMs, POA&Ms, SARs, and penetration test results. Design and implement secure AWS architectures using IAM, VPCs, security groups, encryption, and logging. Integrate AWS logging (CloudTrail, CloudWatch, GuardDuty) with HRSA SIEM solutions. Implement runtime security for EC2, containers, and serverless workloads. Develop and maintain Infrastructure as Code (IaC) using secure-by-design principles. Support zero trust cloud networking and identity-based access controls. Respond to cloud-related security incidents and support forensic investigations. Follow HRSA change management processes and develop technical implementation plans.

Supporting healthcare data and operational projects, with a focus on analytics, process improvement, and stakeholder communication. | Internship experience in healthcare analytics, project management, and familiarity with healthcare systems and data analysis tools. | cFocus Software seeks a Jr. Privacy Analyst to join our program supporting the Department of Health and Human Services (HHS) This position is remote. This position requires the ability a Public Trust clearance. Qualifications: Bachelor’s degree in Privacy, Law, Cybersecurity, Information Systems, Public Policy, or related field. Minimum 5+ years of experience supporting federal privacy programs. Expert knowledge of the Privacy Act of 1974, E-Government Act, and OMB Circular A-130. Hands-on experience leading PTAs, PIAs, and enterprise privacy assessments. Experience supporting privacy incident response and breach risk assessments. Knowledge of NIST SP 800-53 privacy controls and integration with RMF. Strong written and verbal communication skills with executive-level experience. Active CIPP/US, CIPM, CISSP, or CISM (preferred) Duties: Lead development, review, and maintenance of Privacy Threshold Analyses (PTAs) and Privacy Impact Assessments (PIAs). Provide expert guidance on the Privacy Act of 1974, E-Government Act, OMB Circular A-130, and HHS privacy policies. Advise system owners, ISSOs, and program managers on privacy risk identification and mitigation strategies. Integrate privacy requirements into the RMF lifecycle and Security Control Assessment (SCA) activities. Support HRSA Privacy Act Officer and senior leadership on privacy governance and compliance matters. Analyze privacy implications of new technologies, cloud services, data sharing initiatives, and system changes. Respond to and manage privacy incidents, including breach analysis and risk-of-harm assessments. Develop and update privacy policies, procedures, SOPs, and governance documentation. Lead and support privacy audits, data calls, and responses to oversight bodies. Develop and deliver privacy awareness and role-based training across HRSA. Prepare executive briefings, reports, and metrics on privacy posture and compliance status. Mentor junior privacy analysts and support continuous improvement of HRSA privacy processes.

Design, implement, and monitor secure network architectures and respond to security incidents. | Requires 8+ years of experience in network security, hands-on with enterprise firewalls, IDS/IPS, and familiarity with federal cybersecurity frameworks. | cFocus Software seeks a Sr. Network Security Engineer / Architect to join our program supporting the Department of Health and Human Services (HHS) This position is remote. This position requires the ability a Public Trust clearance. Qualifications: Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related field. Minimum 8 years of experience in network security engineering or architecture roles. Hands-on experience with enterprise firewalls, IDS/IPS, network monitoring, and WAF technologies. Strong understanding of TCP/IP, routing, switching, VPNs, and secure network design principles. Experience implementing Zero Trust Architecture and network segmentation strategies. Familiarity with federal cybersecurity frameworks including NIST RMF, FISMA, and OMB guidance. Experience supporting SOC operations and incident response activities. Ability to obtain and maintain a Moderate or High-Risk Public Trust (Tier 2/Tier 4) clearance. Excellent written and verbal communication skills. CISSP, CCSP, CCNP, GNSP, AWS or Azure Security certification (preferred). Duties: Monitor HRSA networks for intrusions, anomalies, and threats using SOC-approved tools. Administer, configure, and maintain firewalls, IDS/IPS, and other network security technologies. Design and implement secure network architectures, including zero trust and micro-segmentation models. Review and tune network security policies, signatures, and profiles to reduce false positives and enhance detection. Monitor and maintain the health of network security devices and coordinate remediation of outages or issues. Develop, deploy, and manage indicators of compromise (IOCs) across network security platforms. Support cloud-based network security controls, including WAFs and hybrid network architectures. Collaborate with Network Operations and SOC teams to troubleshoot complex network security issues. Develop network security workflows, SOPs, and architecture documentation. Implement automation to improve efficiency and effectiveness of network security operations. Perform tool upgrades, patches, and configuration changes following HRSA change management processes. Provide recommendations for security tool improvements and architectural enhancements. Participate in incident response activities and maintain on-call support as required. Ensure network security controls align with NIST SP 800-53, DISA STIGs, CIS benchmarks, and Zero Trust guidance.

Design, deploy, and maintain security infrastructure and tools supporting enterprise security operations. | Requires 8+ years in systems engineering with security focus, experience with Windows Server, Linux, virtualization, security tools, and knowledge of federal cybersecurity standards. | cFocus Software seeks a Sr. Systems Engineer (Security) to join our program supporting the Department of Health and Human Services (HHS) This position is remote. This position requires the ability a Public Trust clearance. Qualifications: Bachelor’s degree in Information Technology, Engineering, Cybersecurity, or related field. Minimum of 8 years of experience in systems engineering with a focus on security infrastructure. Strong experience with Windows Server, Linux (e.g., Red Hat Enterprise Linux), and virtualization platforms. Hands-on experience supporting enterprise security tools and SOC infrastructure. Strong understanding of NIST RMF, NIST SP 800-53, FISMA, and federal cybersecurity requirements. Experience with scripting and automation (PowerShell, Python, Bash). Ability to troubleshoot complex system, integration, and performance issues. Active CISSP, GCED, GSEC, GCIA, AWS, or Red Hat Certification (preferred). Duties: Engineer, deploy, configure, and maintain the underlying infrastructure for security tools and platforms within the HRSA SOC and IT environment. Support enterprise security tooling including SIEM, SOAR, EDR, vulnerability management, forensic, and monitoring platforms. Design and implement high availability, redundancy, and failover configurations for mission-critical security systems. Perform system performance tuning, capacity planning, and optimization for security infrastructure. Design and maintain integration architectures between security tools and HRSA IT systems to improve monitoring and response capabilities. Engineer automation solutions and scripts to streamline security operations and reduce manual processes. Support infrastructure changes following HRSA change management processes, including development of technical implementation and rollback plans. Create, update, and maintain system architecture diagrams, SOPs, configuration baselines, network diagrams, and system inventories. Document engineering workflows, deployment procedures, testing protocols, and configuration standards. Collaborate with Security Architects, SOC personnel, Network Operations, Cloud teams, and ISSOs to resolve complex technical issues. Support vulnerability remediation, incident response, and system recovery activities from an engineering perspective. Participate in audits, assessments, and compliance reviews by providing engineering evidence and technical explanations. Ensure systems meet NIST SP 800-53 control requirements and support continuous monitoring objectives. Provide technical recommendations for modernization, tool enhancement, and infrastructure improvements.

Support and lead privacy assessments, develop policies, and ensure compliance with federal privacy regulations. | Requires extensive federal privacy program experience, specialized certifications, and knowledge of privacy laws and frameworks, which are not present in your profile. | cFocus Software seeks a Sr. Privacy Analyst to join our program supporting the Department of Health and Human Services (HHS) This position is remote. This position requires the ability a Public Trust clearance. Qualifications: Bachelor’s degree in Privacy, Law, Cybersecurity, Information Systems, Public Policy, or related field. Minimum 8–10 years of experience supporting federal privacy programs. Expert knowledge of the Privacy Act of 1974, E-Government Act, and OMB Circular A-130. Hands-on experience leading PTAs, PIAs, and enterprise privacy assessments. Experience supporting privacy incident response and breach risk assessments. Knowledge of NIST SP 800-53 privacy controls and integration with RMF. Strong written and verbal communication skills with executive-level experience. Active CIPP/US, CIPM, CISSP, or CISM (preferred) Duties: Lead development, review, and maintenance of Privacy Threshold Analyses (PTAs) and Privacy Impact Assessments (PIAs). Provide expert guidance on the Privacy Act of 1974, E-Government Act, OMB Circular A-130, and HHS privacy policies. Advise system owners, ISSOs, and program managers on privacy risk identification and mitigation strategies. Integrate privacy requirements into the RMF lifecycle and Security Control Assessment (SCA) activities. Support HRSA Privacy Act Officer and senior leadership on privacy governance and compliance matters. Analyze privacy implications of new technologies, cloud services, data sharing initiatives, and system changes. Respond to and manage privacy incidents, including breach analysis and risk-of-harm assessments. Develop and update privacy policies, procedures, SOPs, and governance documentation. Lead and support privacy audits, data calls, and responses to oversight bodies. Develop and deliver privacy awareness and role-based training across HRSA. Prepare executive briefings, reports, and metrics on privacy posture and compliance status. Mentor junior privacy analysts and support continuous improvement of HRSA privacy processes.

Design, implement, and maintain secure Azure cloud environments in compliance with federal standards, supporting FedRAMP and agency ATO processes. | Minimum 7 years of cybersecurity experience with at least 4 years in Azure cloud security, with relevant certifications and experience supporting FedRAMP and FISMA environments. | cFocus Software seeks a Sr. Azure Security Engineer to join our program supporting the Department of Health and Human Services (HHS) This position is remote. This position requires the ability a Public Trust clearance. Qualifications: Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field (or equivalent experience). Minimum 7 years of cybersecurity experience, with at least 4 years focused on Azure cloud security. Strong experience securing Azure IaaS, PaaS, and SaaS environments. Hands-on experience with Azure security services including Defender for Cloud, Azure Firewall, Azure WAF, Azure Sentinel, and Azure AD. Experience supporting FedRAMP and FISMA-compliant cloud environments. In-depth knowledge of NIST SP 800-53, 800-37, 800-137, and related federal guidance. Experience integrating cloud logs and telemetry into SIEM platforms. Experience with Infrastructure as Code tools such as ARM, Bicep, or Terraform. Ability to effectively communicate technical concepts to both technical and non-technical stakeholders. Microsoft Certified: Azure Security Engineer Associate or Microsoft Certified: Azure Solutions Architect Expert Active CISSP, CCSP, or equivalent cloud security certification, GIAC Cloud Security Automation (GCSA) or similar Duties: Serve as the Subject Matter Expert (SME) for Azure cloud security architecture, implementation, and operations. Design, implement, and maintain secure Azure IaaS, PaaS, and SaaS environments in compliance with NIST SP 800-53, NIST SP 800-37, FedRAMP, and HHS/HRSA security requirements. Administer and maintain Cloud Security Posture Management (CSPM) solutions to identify misconfigurations, vulnerabilities, and compliance gaps in Azure environments. Implement and manage Azure security controls including Azure Active Directory, RBAC, Conditional Access, Network Security Groups, Azure Firewall, Azure WAF, encryption, and key management. Support FedRAMP and agency ATO processes by validating inherited controls, reviewing FedRAMP documentation, and supporting continuous monitoring activities. Integrate Azure-native logging and monitoring services (e.g., Azure Monitor, Defender for Cloud) with HRSA’s SIEM. Implement runtime security for cloud workloads including virtual machines, containers, and serverless functions. Develop and maintain Infrastructure as Code (IaC) solutions with embedded security controls and automated validation. Support CI/CD pipeline security by integrating automated security testing tools including SAST, DAST, and IaC scanning. Design and maintain Zero Trust cloud security architectures in alignment with OMB M-22-09. Provide security guidance for cloud migrations, application onboarding, and modernization efforts. Respond to cloud-related security incidents and support incident response, forensic analysis, and remediation. Maintain SLAs for cloud security support requests and provide regular status reporting. Develop and maintain documentation including architecture diagrams, SOPs, and security baselines.

Conduct digital forensic investigations, analyze malware, produce detailed reports, and support incident containment and recovery. | Requires 5-8 years of digital forensic experience, knowledge of forensic procedures, and certifications like GCFA, GCFE, EnCE, or GCIH. | cFocus Software seeks a Digital Forensics Analyst to join our program supporting the Department of Health and Human Services (HHS) This position is remote. This position requires the ability a Public Trust clearance. Qualifications: Bachelor’s degree in Cybersecurity, Digital Forensics, Information Technology, or related field. Minimum 5–8 years of experience performing digital forensic investigations. Hands-on experience with endpoint, server, network, and cloud forensics. Strong knowledge of forensic acquisition, analysis, and evidence handling procedures. Experience supporting enterprise incident response and breach investigations. Familiarity with federal incident response and reporting requirements. Strong analytical, documentation, and communication skills. Active GCFA, GCFE, EnCE, or GCIH (preferred). Duties: Conduct digital forensic investigations following cybersecurity incidents, data breaches, and suspected malicious activity. Perform forensic acquisition and analysis of endpoints, servers, cloud workloads, network traffic, logs, and removable media. Preserve digital evidence in accordance with chain-of-custody and evidentiary handling requirements. Identify incident origin, timeline, scope, and extent of compromise using forensic methodologies. Analyze malware artifacts, scripts, and suspicious files to determine functionality and impact. Support reverse engineering and de-obfuscation of malicious content when required. Correlate forensic findings with SIEM, EDR, network, and cloud telemetry. Produce detailed forensic reports documenting methodology, findings, evidence, and recommendations. Support incident containment, eradication, and recovery activities through forensic insight. Assist with investigations involving PII, PHI, and other sensitive data in coordination with HRSA Privacy and Legal teams. Support FOIA searches, OGC litigation holds, and OIG criminal investigations as required. Maintain forensic toolsets, images, and procedures in accordance with HRSA SOPs. Participate in cyber exercises, tabletop exercises, and after-action reviews. Provide expert guidance to SOC Analysts, Incident Responders, and Threat Hunters. Ensure compliance with NIST SP 800-61, NIST SP 800-86, and HHS incident response guidance.

Monitor and analyze network security threats, configure security devices, and support zero trust architecture initiatives. | 7+ years of network security experience, hands-on with firewalls, IDS/IPS, WAF, and network monitoring tools, with knowledge of federal security standards and certifications preferred. | cFocus Software seeks a Sr. Network Security Engineer (Firewall / IDS / IPS / WAF) to join our program supporting the Department of Health and Human Services (HHS) This position is remote. This position requires the ability a Public Trust clearance. Qualifications: Bachelor’s degree in Information Technology, Cybersecurity, or related field (or equivalent experience). 7+ years of experience in network security engineering or SOC operations. Hands-on experience with firewalls, IDS/IPS, WAF, and network monitoring tools. Strong understanding of TCP/IP, routing, switching, and network protocols. Experience with zero trust architecture and network segmentation concepts. Knowledge of NIST SP 800-53, FISMA, OMB, and HHS security requirements. Ability to analyze network traffic, logs, and alerts to identify malicious activity. Strong documentation and communication skills. Experience working in a federal or regulated environment preferred. CISSP, CCNP Security, CCIE Security, GCIH, GCIA, GCED, Palo Alto, or Fortinet certifications (preferred). Duties: Monitor HRSA networks for intrusions, anomalies, and threats using approved SOC tools. Administer, configure, and maintain firewalls, IDS/IPS, inline filtering devices, and network security platforms. Review and tune network security policies, signatures, and profiles to reduce false positives and improve detection. Monitor firewall and network security device health daily and troubleshoot operational issues. Develop and deploy indicators of compromise (IOCs) based on emerging threats. Investigate triggered network security alerts and respond within defined SLA timeframes. Support zero trust network architecture initiatives including segmentation and identity-aware controls. Adjust and maintain cloud WAF configurations to protect applications from OWASP Top 10 threats, bot activity, and DDoS attacks. Perform upgrades, patches, and configuration changes following HRSA change management processes. Develop workflows, SOPs, and documentation for network security operations. Provide on-call support per SOC procedures and incident response requirements. Coordinate with Network Operations and SOC teams to resolve complex network security incidents. Provide recommendations for tool enhancements and network security process improvements. Implement automation to improve network security monitoring and response efficiency.

Oversee federal cybersecurity programs, ensure compliance, and manage stakeholder communications. | Requires 8+ years managing federal IT or cybersecurity programs, PMP or similar certification, and knowledge of federal cybersecurity policies. | cFocus Software seeks a Program Manager to join our program supporting the Department of Health and Human Services (HHS) This position is remote. This position requires the ability a Public Trust clearance. Qualifications: Bachelor’s degree in Information Technology, Cybersecurity, or related field (Master’s preferred). PMP or equivalent project management certification. Minimum 8 years of experience managing federal IT or cybersecurity programs. Demonstrated knowledge of FISMA, NIST 800-37, NIST 800-53, RMF, and HHS cybersecurity policies. Experience supporting executive-level reporting and federal compliance initiatives. Duties: Serve as the primary point of contact to the Contracting Officer (CO), Contracting Officer’s Representative (COR), Government Project Manager, and DCSP leadership. Provide day-to-day program oversight including staffing, scheduling, quality control, and performance management. Lead and facilitate post-award kick-off meetings, monthly status meetings, and ad hoc coordination sessions. Develop and maintain Management Plans, Communications Plans, Risk Registers, Stakeholder Registers, and Staffing Plans. Submit Monthly Status Reports, weekly metrics, and quarterly progress reports. Track risks, issues, and dependencies and coordinate mitigation strategies with the Government. Ensure contractor staff comply with on-call procedures, SLAs, SOPs, and security requirements. Oversee transition-in and transition-out planning and execution. Maintain responsibility matrices, cross-training plans, and knowledge-sharing activities. Coordinate, track, and oversee activities, deliverables, and timelines across all DCSP workstreams. Manage and respond to internal and external cybersecurity data calls and audits. Draft, update, and maintain cybersecurity and privacy policies, procedures, standards, and governance documentation. Develop executive briefings, dashboards, reports, and presentations for HRSA and HHS leadership. Support strategic planning efforts including cybersecurity roadmaps, zero trust initiatives, cloud security, and emerging technology adoption.

Perform vulnerability scans, analyze results, and coordinate remediation efforts in federal environments. | Requires 5-7 years of vulnerability management experience, knowledge of federal security standards, and relevant cybersecurity certifications. | cFocus Software seeks a Vulnerability Analyst to join our program supporting the Department of Health and Human Services (HHS) This position is remote. This position requires the ability a Public Trust clearance. Qualifications: • Bachelor’s degree in Cybersecurity, Information Technology, or related field. • Minimum 5–7 years of experience in vulnerability management or security operations. • Strong understanding of NIST SP 800-53, NIST SP 800-30, NIST SP 800-137, and HHS vulnerability management requirements. • Experience performing vulnerability scanning, analysis, and remediation tracking in federal environments. • Experience with secure configuration standards (DISA STIGs, CIS Benchmarks). • Strong analytical, documentation, and communication skills. • CEH, Security+, CISSP, GIAC (GSEC, GPEN), or equivalent cybersecurity certifications Duties: • Perform authenticated and unauthenticated vulnerability scans on a daily and ad hoc basis across servers, workstations, network devices, databases, web applications, APIs, containers, serverless functions, CI/CD pipelines, and Infrastructure as Code (IaC). • Analyze vulnerability scan results to determine applicability, severity, exploitability, and risk using CVSS scoring, threat intelligence, and Known Exploited Vulnerabilities (KEV) catalogs. • Provide daily remediation guidance and mitigation strategies to system owners, administrators, developers, and other stakeholders. • Maintain and ensure operational health of vulnerability scanning tools, including agents, sensors, integrations, and supporting infrastructure. • Coordinate with tool vendors, hosting teams, and network operations to troubleshoot and resolve tool-related issues. • Develop and maintain HRSA security configuration baselines using DISA STIGs and Center for Internet Security (CIS) benchmarks. • Perform compliance and configuration scans against approved baselines on a weekly, quarterly, and ad hoc basis. • Validate remediation through follow-up scans and evidence review and confirm closure of vulnerabilities. • Support penetration testing activities, including test planning, execution, exploitation, reporting, and coordination with stakeholders. • Conduct application security testing including SAST, DAST, software composition analysis, SBOM review, dependency scanning, and secure code analysis. • Support secure DevSecOps practices by integrating automated vulnerability testing into CI/CD pipelines and code repositories. • Develop vulnerability dashboards and reports for ISSOs, system owners, engineers, and DCSP leadership. • Maintain authoritative asset inventories and correlate data across vulnerability tools, CMDB, eGRC, and cloud inventories to ensure full scanning coverage. • Support Incident Response activities by providing vulnerability data, exploit analysis, and remediation recommendations. • Develop and maintain vulnerability management SOPs, workflows, and technical documentation. • Maintain SLAs for vulnerability scanning requests and remediation tracking Powered by JazzHR Remote About the Company: cFocus Software Incorporated

Conduct research, design, and implement AI/ML models to support program objectives. Collaborate with program managers, engineers, and analysts to identify opportunities for AI/ML integration into operations. | A degree in a related discipline and 3+ years of professional experience in AI/ML are preferred. Candidates should have programming proficiency and a strong understanding of machine learning algorithms and techniques. | cFocus Software seeks an AI/ML Analyst to join our program supporting the Navy. This position is remote. This position requires active Secret clearance. Qualifications: A degree in Computer Science, Information Systems, Engineering, Business Administration, or other related discipline is preferred. 3+ years of professional experience developing and implementing AI models and algorithms to address complex business and mission challenges. Programming proficiency (e.g., Python, R, SQL, Java, Scala, C++, Tableau). Experience and understanding of machine learning (ML) and related algorithms (e.g., linear regression, logistic regression, decision trees, random forests, support vector machines, and gradient boosting methods), unsupervised learning (e.g. clustering algorithms (K-Means, hierarchical clustering, DBSCAN), dimensionality reduction techniques (e.g., PCA, t-SNE), and anomaly detection methods, and familiarity with reinforcement learning principles. Understand the architecture and training of different types of neural networks (e.g., N0017825R3013 Page 5 of 8 feedforward networks, convolutional neural networks, recurrent neural networks, transformers). Experience building, training, and deploying deep learning models, familiarity with Natural Language Processing techniques such as but not limited to text classification, sentiment analysis, named entity recognition, and topic modeling. Knowledge of object detection, image segmentation, and image classification. Knowledge of Data Wrangling and Preprocessing, Statistical Analysis, Model Evaluation and Selection, Model Deployment and Monitoring, Big Data Technologies, and Data Visualization (e.g. Tableau, Power BI, Matplotlib, Seaborn). Collaborate with data engineers to preprocess and clean data for AI models. Create and maintain documentation for AI models, algorithms, and workflows. Troubleshooting and resolving issues related to AI systems. Report findings and recommendations to stakeholders, including technical and non-technical audiences. Duties Conduct research, design, and implement AI/ML models to support program objectives as outlined in the PWS. Develop, test, and validate machine learning algorithms to analyze structured and unstructured data sets. Collaborate with program managers, engineers, and analysts to identify opportunities for AI/ML integration into operations. Perform data preprocessing, cleaning, feature engineering, and exploratory data analysis (EDA). Utilize natural language processing (NLP), computer vision, or predictive analytics tools as required by project tasks. Generate dashboards, visualizations, and reports to communicate findings and support decision-making. Support the automation of repetitive tasks and workflows through AI/ML-driven solutions. Evaluate the performance, accuracy, and reliability of AI/ML models against mission-specific requirements. Ensure compliance with data governance, privacy, and security standards while handling sensitive data. Stay current with emerging AI/ML technologies and provide recommendations for adoption and improvement. Provide technical documentation, model explainability, and briefing materials for stakeholders and leadership. Assist in training and knowledge transfer sessions to enable staff to effectively utilize AI/ML solutions.

The Sr. Test Engineer will provide technical expertise during requirements collection and analysis, and develop solutions to meet the needs of the GMO Programs. They will also develop testing criteria, test plans, and conduct both manual and automated testing. | Candidates must have a bachelor's or master's degree in IT, Computer Science, Geography, or a related field, along with 14+ years of relevant experience. A Public Trust Clearance is required for this position. | cFocus Software seeks a Sr. Test Engineer to join our brand-new 3-year program supporting the Department of Homeland Security (DHS). This position is primarily remote. However, on-site meetings in Springfield, VA may be required. This position requires a Public Trust Clearance Qualifications: Bachelor’s or master’s degree in IT, Computer Science, Geography or a related field. 14+ years of Test Engineer/Quality Assurance experience 14+ years of experience with .NET, C#, Python, Notebook Server, ESRI APIs, Software Development Kits (SDKs). Duties: Provide technical expertise during requirements collection and analysis, defining tasks/stories. Develop solutions to meet the needs of the GMO Programs (i.e., COP, HIFLD, and GII). Develop testing criteria based on Operational Requirements and Key Performance Parameters. Develop test plans and test scripts to ensure that the integrity and security of the system(s) are adequately protected, and user requirements are met. Develop new and maintain existing automation test cases. Conduct developmental and operational testing including executing test cases (manual and automated) and capture results. Report testing conclusions and recommendations to support test results.

The Mid-Level Application Developer will design, develop, and maintain custom geospatial and situational awareness applications to meet organizational needs. They will also provide technical expertise during requirements collection and analysis, and ensure compliance with federal best practices and policies. | Candidates must have a bachelor's or master's degree in IT, Computer Science, Geography, or a related field, along with 7+ years of application development experience. Proficiency in .NET, C#, Python, and ESRI APIs is required. | cFocus Software seeks a Mid-Level Application Developer to join our brand-new 3-year program supporting the Department of Homeland Security (DHS). This position is primarily remote. However, on-site meetings in Springfield, VA may be required. This position requires a Public Trust Clearance Qualifications: Bachelor’s or master’s degree in IT, Computer Science, Geography or a related field. 7+ years of Application Development experience 7+ years of experience with .NET, C#, Python, Notebook Server, ESRI APIs, Software Development Kits (SDKs). Duties: Design, develop and maintain custom geospatial and situational awareness applications and tools to meet specific organizational needs. Provide technical expertise during requirements collection and analysis, defining tasks/stories. Develop solutions to meet the needs of the GMO Programs (i.e., COP, HIFLD, and GII). Develop testing criteria based on Operational Requirements and Key Performance Parameters. Develop test plans and test scripts to ensure that the integrity and security of the system(s) are adequately protected, and user requirements are met. Develop new and maintain existing automation test cases. Conduct developmental and operational testing including executing test cases (manual and automated) and capture results. Report testing conclusions and recommendations to support test results. Implement solutions to meet the needs of the GMO Programs (i.e., COP, HIFLD, and GII). Integrate geospatial applications with other enterprise systems to enhance functionality and data sharing. Ensure that all development work complies with Federal government and industry best practices, DHS directives/policies, and federal laws. Develop scripts to automate routine geospatial tasks, such as data processing, analysis, and reporting. Implement automated workflows to improve efficiency and reduce manual intervention. Create and deploy custom web applications using ESRI's Experience Builder, or custom JavaScript applications leveraging the ArcGIS API for JavaScript, python, etc. Set up and customize Dashboards to display real-time data, key performance indicators, and other relevant information in an interactive and visually appealing manner. Develop and implement automation scripts using Python and ArcGIS Notebooks to streamline data processing, analysis, and reporting tasks. Design and publish web maps and layers, including configuring symbology, pop-ups, and labeling to meet specific user requirements. Design and implement AI-driven automated workflows to improve efficiency, reduce manual intervention, and optimize geospatial data handling processes. Leverage AI to dynamically adjust workflows based on real-time data inputs and changing operational requirements. Regularly update and maintain the customized applications to ensure compatibility with the latest ESRI software releases and to incorporate new features and enhancements. Ensure that all scripting and automation efforts comply with Federal government and industry best practices, DHS directives/policies, and federal laws. Propose innovative solutions to enhance the capabilities of the ESRI Portal and ArcGIS Online systems. Stay current with industry trends and advancements in geospatial technology to recommend and implement new features and functionalities. Ensure that all enhancements are in line with Federal government and industry best practices, DHS directives/policies, and federal laws.

The Mid-Level Test Engineer will provide technical expertise during requirements collection and analysis, and develop solutions to meet the needs of the GMO Programs. They will also develop testing criteria, test plans, and conduct both manual and automated testing. | Candidates must have a bachelor's or master's degree in IT, Computer Science, Geography, or a related field, along with 7+ years of experience in Test Engineering and proficiency in .NET, C#, and Python. A Public Trust Clearance is required for this position. | cFocus Software seeks a Mid-Level Test Engineer to join our brand-new 3-year program supporting the Department of Homeland Security (DHS). This position is primarily remote. However, on-site meetings in Springfield, VA may be required. This position requires a Public Trust Clearance Qualifications: Bachelor’s or master’s degree in IT, Computer Science, Geography or a related field. 7+ years of Test Engineer/Quality Assurance experience 7+ years of experience with .NET, C#, Python, Notebook Server, ESRI APIs, Software Development Kits (SDKs). Duties: Provide technical expertise during requirements collection and analysis, defining tasks/stories. Develop solutions to meet the needs of the GMO Programs (i.e., COP, HIFLD, and GII). Develop testing criteria based on Operational Requirements and Key Performance Parameters. Develop test plans and test scripts to ensure that the integrity and security of the system(s) are adequately protected, and user requirements are met. Develop new and maintain existing automation test cases. Conduct developmental and operational testing including executing test cases (manual and automated) and capture results. Report testing conclusions and recommendations to support test results.

The Mid-Level Geospatial Analyst performs data collection, analysis, interpretation, and management duties. They prepare presentations reflecting the results of data analysis and provide specific analysis for homeland security mission areas. | Candidates must have a bachelor's or master's degree in IT, Computer Science, Geography, or a related field, along with 8+ years of GIS experience. Proficiency with the ESRI Suite and knowledge of DHS policies and procedures are also required. | cFocus Software seeks a Mid-Level Geospatial Analyst to join our brand-new program supporting the Department of Homeland Security (DHS). This position is primarily remote. However, on-site meetings in Springfield, VA may be required. This position requires a Public Trust Clearance Qualifications: Bachelor’s or master’s degree in IT, Computer Science, Geography or a related field. 8+ years of GIS experience 8+ years of experience with ESRI Suite, ArcGIS Online, ArcGIS Enterprise, AWS, & DHS Policies and Procedures Duties: Performs data collection, analysis, interpretation, and management duties. Prepare presentations that reflect the results of the data analysis. Works with scientists and other technical experts to design and develop statistical analyses methodologies. Provides specific analysis and research for homeland security mission areas (i.e. critical infrastructure protection, flood risk modeling, law enforcement operations, etc.). Prepares assessments of current threats and trends based on the sophisticated collection, research and analysis of classified and open-source information. Leads technical demonstrations, exchanges, and other technical presentations on materials and analysis generated.

The Senior Application Developer will design, develop, and maintain custom geospatial and situational awareness applications to meet organizational needs. They will also provide technical expertise during requirements collection and analysis, and ensure compliance with federal best practices and policies. | Candidates must have a bachelor's or master's degree in IT, Computer Science, Geography, or a related field, along with 10+ years of application development experience. Proficiency in .NET, C#, Python, and ESRI APIs is essential. | cFocus Software seeks a Senior Application Developer to join our brand-new 3-year program supporting the Department of Homeland Security (DHS). This position is primarily remote. However, on-site meetings in Springfield, VA may be required. Qualifications: Bachelor’s or master’s degree in IT, Computer Science, Geography or a related field. 10+ years of Application Development experience 10+ years of experience with .NET, C#, Python, Notebook Server, ESRI APIs, Software Development Kits (SDKs). Duties: Design, develop and maintain custom geospatial and situational awareness applications and tools to meet specific organizational needs. Provide technical expertise during requirements collection and analysis, defining tasks/stories. Develop solutions to meet the needs of the GMO Programs (i.e., COP, HIFLD, and GII). Develop testing criteria based on Operational Requirements and Key Performance Parameters. Develop test plans and test scripts to ensure that the integrity and security of the system(s) are adequately protected, and user requirements are met. Develop new and maintain existing automation test cases. Conduct developmental and operational testing including executing test cases (manual and automated) and capture results. Report testing conclusions and recommendations to support test results. Implement solutions to meet the needs of the GMO Programs (i.e., COP, HIFLD, and GII). Integrate geospatial applications with other enterprise systems to enhance functionality and data sharing. Ensure that all development work complies with Federal government and industry best practices, DHS directives/policies, and federal laws. Develop scripts to automate routine geospatial tasks, such as data processing, analysis, and reporting. Implement automated workflows to improve efficiency and reduce manual intervention. Create and deploy custom web applications using ESRI's Experience Builder, or custom JavaScript applications leveraging the ArcGIS API for JavaScript, python, etc. Set up and customize Dashboards to display real-time data, key performance indicators, and other relevant information in an interactive and visually appealing manner. Develop and implement automation scripts using Python and ArcGIS Notebooks to streamline data processing, analysis, and reporting tasks. Design and publish web maps and layers, including configuring symbology, pop-ups, and labeling to meet specific user requirements. Design and implement AI-driven automated workflows to improve efficiency, reduce manual intervention, and optimize geospatial data handling processes. Leverage AI to dynamically adjust workflows based on real-time data inputs and changing operational requirements. Regularly update and maintain the customized applications to ensure compatibility with the latest ESRI software releases and to incorporate new features and enhancements. Ensure that all scripting and automation efforts comply with Federal government and industry best practices, DHS directives/policies, and federal laws. Propose innovative solutions to enhance the capabilities of the ESRI Portal and ArcGIS Online systems. Stay current with industry trends and advancements in geospatial technology to recommend and implement new features and functionalities. Ensure that all enhancements are in line with Federal government and industry best practices, DHS directives/policies, and federal laws.

Design, develop, enhance, test, debug, and implement GIS software solutions while integrating COTS/GOTS products and advising on DHS architecture standards. | 10+ years of GIS Software Architecture experience with a bachelor’s or master’s degree in IT or related field, and knowledge of DHS enterprise architecture. | cFocus Software seeks a GIS System/Software Architect SME and Senior level to join our brand-new 3-year program supporting the Department of Homeland Security (DHS). This position is primarily remote. However, on-site meetings in Springfield, VA may be required. Qualifications: • Bachelor’s or master’s degree in IT, Computer Science, or a related field. • 10+ years of GIS Software Architecture experience Duties: • Provide technical and analytical expertise designing, developing, enhancing, testing, debugging, and implementing GIS software in accordance with software development best practices. • Research, test, build, and coordinate the conversion and/or integration of new Commercial off-the-shelf (COTS) and Government off-the-shelf (GOTS) products based on government requirements • Deliver complex information technology solutions with a particular understanding of complex geospatial integration. • Support the development of processes and methodologies to enhance the overall software process. • Applied knowledge of enterprise IT needs to design improved processes, generate and capture user requirements and ensure solutions adhere to DHS Enterprise Architecture models, standards and requirements. • Serves as an advisor and proposes changes to existing architectures to meet emerging DHS requirements, affect efficiencies, in workflows, or improve outcomes.