cFocus Software seeks an Information Assurance Engineer/Security Manager to join our program supporting the Department of Justice (DOJ). This position is fully remote. The position requires a Top Secret clearance.
Qualifications:
Bachelor’s degree in Information Technology, Computer Science, or other related fields
Active Top Secret clearance
Must have 15+ years of experience or hold a Certified Information Systems Security Professional (CISSP) certification with 10+ years of experience
Must have a deep understanding of information security concepts such as access control, network security, cryptography, and vulnerability management.
Must have experience managing security projects, responding to security incidents, and managing security professionals.
Must have experience with the Risk Management Framework (RMF) and the NIST 800-53 Rev 5 controls
Duties:
Establish, document, and maintain organization-wide security standards, procedures, and best practices.
Ensure policies align with federal and industry cybersecurity regulations and agency-specific requirements.
Design, develop, and implement network security architectures including Intrusion Detection and Prevention Systems (IDS/IPS).
Oversee integration of security solutions across systems and networks.
Conduct security engineering for enterprise IT environments, including both on-premises and cloud-based systems.
Oversee security operations to ensure real-time monitoring and detection of threats.
Manage security tools, sensors, and solutions, including patch management, encryption systems, and access control mechanisms.
Track performance and maintain compliance with industry standards and regulations (e.g., FISMA, ISO 27001).
Lead efforts to respond to and remediate security incidents.
Manage investigations, coordinate responses, and implement corrective actions.
Ensure documentation and reporting of incidents align with DOJ and federal guidelines.
Manage security-related projects and teams, ensuring delivery of cybersecurity objectives.
Supervise and mentor information security professionals and ensure knowledge transfer within the team.
Provide strategic direction on risk management and continuous improvement.
Apply and enforce the Risk Management Framework (RMF) and the NIST 800-53 Revision 5 controls for federal information systems.
Ensure proper authorization and accreditation of systems under FISMA guidelines.