cFocus Software Incorporated

Compensation

Full Description

cFocus Software seeks a Sr. Network Security Engineer / Architect to join our program supporting the Department of Health and Human Services (HHS) This position is remote. This position requires the ability a Public Trust clearance. Qualifications: Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related field. Minimum 8 years of experience in network security engineering or architecture roles. Hands-on experience with enterprise firewalls, IDS/IPS, network monitoring, and WAF technologies. Strong understanding of TCP/IP, routing, switching, VPNs, and secure network design principles. Experience implementing Zero Trust Architecture and network segmentation strategies. Familiarity with federal cybersecurity frameworks including NIST RMF, FISMA, and OMB guidance. Experience supporting SOC operations and incident response activities. Ability to obtain and maintain a Moderate or High-Risk Public Trust (Tier 2/Tier 4) clearance. Excellent written and verbal communication skills. CISSP, CCSP, CCNP, GNSP, AWS or Azure Security certification (preferred). Duties: Monitor HRSA networks for intrusions, anomalies, and threats using SOC-approved tools. Administer, configure, and maintain firewalls, IDS/IPS, and other network security technologies. Design and implement secure network architectures, including zero trust and micro-segmentation models. Review and tune network security policies, signatures, and profiles to reduce false positives and enhance detection. Monitor and maintain the health of network security devices and coordinate remediation of outages or issues. Develop, deploy, and manage indicators of compromise (IOCs) across network security platforms. Support cloud-based network security controls, including WAFs and hybrid network architectures. Collaborate with Network Operations and SOC teams to troubleshoot complex network security issues. Develop network security workflows, SOPs, and architecture documentation. Implement automation to improve efficiency and effectiveness of network security operations. Perform tool upgrades, patches, and configuration changes following HRSA change management processes. Provide recommendations for security tool improvements and architectural enhancements. Participate in incident response activities and maintain on-call support as required. Ensure network security controls align with NIST SP 800-53, DISA STIGs, CIS benchmarks, and Zero Trust guidance.