cFocus Software seeks a Sr. Network Security Engineer / Architect to join our program supporting the Department of Health and Human Services (HHS) This position is remote. This position requires the ability a Public Trust clearance.
Qualifications:
• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related field.
• Minimum 8 years of experience in network security engineering or architecture roles.
• Hands-on experience with enterprise firewalls, IDS/IPS, network monitoring, and WAF technologies.
• Strong understanding of TCP/IP, routing, switching, VPNs, and secure network design principles.
• Experience implementing Zero Trust Architecture and network segmentation strategies.
• Familiarity with federal cybersecurity frameworks including NIST RMF, FISMA, and OMB guidance.
• Experience supporting SOC operations and incident response activities.
• Ability to obtain and maintain a Moderate or High-Risk Public Trust (Tier 2/Tier 4) clearance.
• Excellent written and verbal communication skills.
• CISSP, CCSP, CCNP, GNSP, AWS or Azure Security certification (preferred).
Duties:
• Monitor HRSA networks for intrusions, anomalies, and threats using SOC-approved tools.
• Administer, configure, and maintain firewalls, IDS/IPS, and other network security technologies.
• Design and implement secure network architectures, including zero trust and micro-segmentation models.
• Review and tune network security policies, signatures, and profiles to reduce false positives and enhance detection.
• Monitor and maintain the health of network security devices and coordinate remediation of outages or issues.
• Develop, deploy, and manage indicators of compromise (IOCs) across network security platforms.
• Support cloud-based network security controls, including WAFs and hybrid network architectures.
• Collaborate with Network Operations and SOC teams to troubleshoot complex network security issues.
• Develop network security workflows, SOPs, and architecture documentation.
• Implement automation to improve efficiency and effectiveness of network security operations.
• Perform tool upgrades, patches, and configuration changes following HRSA change management processes.
• Provide recommendations for security tool improvements and architectural enhancements.
• Participate in incident response activities and maintain on-call support as required.
• Ensure network security controls align with NIST SP 800-53, DISA STIGs, CIS benchmarks, and Zero Trust guidance.