cFocus Software Incorporated
Sr. Lead Security Engineer - FCC
cFocus Software Incorporated, Washington, District of Columbia, us, 20022
Join to apply for the
Sr. Lead Security Engineer - FCC
role at
cFocus Software Incorporated 2 days ago Be among the first 25 applicants Join to apply for the
Sr. Lead Security Engineer - FCC
role at
cFocus Software Incorporated cFocus Software seeks a Sr. Lead Security Engineer to join our program supporting the Federal Communications Commission (FCC). This position is on-site in Washington, DC.
Qualifications:
Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, Information Technologies, or other related fields Certified Information Systems Security Professional (CISSP) or Information Systems Security Engineering Professional (ISSEP) certifications required. and Microsoft Certified Cybersecurity Architect Expert 7+ years of experience performing cyber infrastructure support activities in Enterprise Cybersecurity Support government contracts Core competencies in Cybersecurity Engineering practices Possess the knowledge, skills, tasks, and capabilities described in the Work Role for Infrastructure Support (PD-WRL-004) as outlined in the NICE Work Role Framework
Duties:
Support Identity, Credential, and Access Control Management Provide updates and reviews of the FCC’s comprehensive Software Bill of Materials (SBOM) for all software components, including all open-source, third-party, and proprietary software. Update the SBOM regularly to reflect any changes in the software components, including patches, updates, and new integrations. Identify and document any known vulnerabilities associated with the components listed in the SBOM. Ensure that all software components comply with relevant security standards and regulations Perform static code analysis to identify potential security vulnerabilities, coding errors, and adherence to coding standards. Conduct dynamic code analysis to detect runtime vulnerabilities and ensure software behaves securely under various conditions Manually review source code to identify complex security issues that automated tools might miss. Provide detailed recommendations for fixing identified vulnerabilities and ensure the development team understands and implements these fixes. Maintain thorough documentation of the review process, findings, and remediation steps for future reference and audits Provide both internal and external security testing in which assessors mimic real-world attacks to identify methods for circumventing the security features of an application, system, and network Identify vulnerabilities and weaknesses within FCC systems, determining exposure and complexity of exploits. Conduct penetration testing of the enterprise IT environment. Assess the effectiveness of security controls implemented to protect FCC systems in support of the Authorization Process and Security Impact Analysis through Change Management. Mimic attacks of threat actors are defined by the Cyber Threat Intelligence (CTI) Team to assess and improve IT system resilience, SOC monitoring effectiveness, and tuning security tools within the FCC. Perform ad hoc, focused pen tests to validate the effectiveness of corrective actions to address identified weaknesses. Perform Penetration Testing Services for any internal or public websites and associated systems Develop and execute plans that include penetration testing of all OCIO systems. Validate remediations by re-testing all Critical and High findings identified through penetration testing. Perform network mapping and vulnerability scanning, support phishing simulations, report findings, and make remediation recommendations. Develop a Quarterly Penetration Testing Schedule and Annual Internal Penetration Testing Standard Operating Procedures (SOP).
Seniority level
Seniority level Mid-Senior level Employment type
Employment type Full-time Job function
Job function Sales, General Business, and Education Industries Wireless Services, Telecommunications, and Communications Equipment Manufacturing Referrals increase your chances of interviewing at cFocus Software Incorporated by 2x Sign in to set job alerts for “Lead Security Engineer” roles.
Security Engineer-Senior Vulnerability Mgmt
Senior Security Engineer, Identity and Access Management, AWS Identity Security
Senior Security Incident Response Engineer, AWS, AWS CorpSec Response
Herndon, VA $143,300.00-$247,600.00 2 days ago Lead Principal Security Engineer TA2-13 HSEN
Sr. Security Engineer, AWS Security Risk and Compliance
Arlington, VA $143,300.00-$247,600.00 2 weeks ago DHS Sr. Operational Technology (OT) Security Engineer
Washington, DC $195,000.00-$225,000.00 7 months ago Senior Identity, Credential, Access Management Security Engineer
Senior Principal Consultant - Security A&A Engineer (Clearance Required)
Reston, VA $87,000.00-$178,100.00 2 weeks ago Senior Security Engineer, AWS Vulnerability Management - Host OS, AWS Vulnerability Management - Host OS
Arlington, VA $143,300.00-$247,600.00 1 day ago Senior Security Engineer, AWS Vulnerability Management - Host OS, AWS Vulnerability Management - Host OS
Herndon, VA $143,300.00-$247,600.00 16 hours ago SAP NS2 Sr. Security Automation Engineer
Arlington, VA $163,200.00-$218,700.00 2 weeks ago Industrial Security Analyst - Security Engineer
Federal Solutions Architect - Sales [JOB ID 20250725]
Annapolis Junction, MD $120,000.00-$140,000.00 3 months ago Senior Data Mining and Analytics Engineer (Security Clearance Required) - Remote work - Local DC Metro or FL
Arlington, VA $107,936.00-$183,491.00 4 days ago Senior Systems Administrator (Network Operation Center)
Oxon Hill, MD $140,000.00-$155,000.00 11 months ago Arlington, VA $138,200.00-$239,000.00 1 week ago Lead, Chief SATCOM Systems Engineer (Security Clearance Required)
Arlington, VA $138,200.00-$239,000.00 2 weeks ago Sterling, VA $130,355.00-$221,603.00 5 days ago Senior Mechanical Engineer - Security Clearance Required
Washington, DC $160,000.00-$190,000.00 1 week ago Arlington, VA $118,200.00-$204,300.00 2 weeks ago Arlington, VA $118,200.00-$204,300.00 3 days ago Arlington, VA $118,200.00-$204,300.00 1 week ago Arlington, VA $118,200.00-$204,300.00 2 weeks ago Arlington, VA $118,200.00-$204,300.00 3 days ago Arlington, VA $118,200.00-$204,300.00 3 days ago Arlington, VA $118,200.00-$204,300.00 3 days ago Arlington, VA $118,200.00-$204,300.00 3 days ago Arlington, VA $118,200.00-$204,300.00 2 weeks ago Arlington, VA $118,200.00-$204,300.00 3 days ago Arlington, VA $118,200.00-$204,300.00 3 days ago We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
#J-18808-Ljbffr
Sr. Lead Security Engineer - FCC
role at
cFocus Software Incorporated 2 days ago Be among the first 25 applicants Join to apply for the
Sr. Lead Security Engineer - FCC
role at
cFocus Software Incorporated cFocus Software seeks a Sr. Lead Security Engineer to join our program supporting the Federal Communications Commission (FCC). This position is on-site in Washington, DC.
Qualifications:
Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, Information Technologies, or other related fields Certified Information Systems Security Professional (CISSP) or Information Systems Security Engineering Professional (ISSEP) certifications required. and Microsoft Certified Cybersecurity Architect Expert 7+ years of experience performing cyber infrastructure support activities in Enterprise Cybersecurity Support government contracts Core competencies in Cybersecurity Engineering practices Possess the knowledge, skills, tasks, and capabilities described in the Work Role for Infrastructure Support (PD-WRL-004) as outlined in the NICE Work Role Framework
Duties:
Support Identity, Credential, and Access Control Management Provide updates and reviews of the FCC’s comprehensive Software Bill of Materials (SBOM) for all software components, including all open-source, third-party, and proprietary software. Update the SBOM regularly to reflect any changes in the software components, including patches, updates, and new integrations. Identify and document any known vulnerabilities associated with the components listed in the SBOM. Ensure that all software components comply with relevant security standards and regulations Perform static code analysis to identify potential security vulnerabilities, coding errors, and adherence to coding standards. Conduct dynamic code analysis to detect runtime vulnerabilities and ensure software behaves securely under various conditions Manually review source code to identify complex security issues that automated tools might miss. Provide detailed recommendations for fixing identified vulnerabilities and ensure the development team understands and implements these fixes. Maintain thorough documentation of the review process, findings, and remediation steps for future reference and audits Provide both internal and external security testing in which assessors mimic real-world attacks to identify methods for circumventing the security features of an application, system, and network Identify vulnerabilities and weaknesses within FCC systems, determining exposure and complexity of exploits. Conduct penetration testing of the enterprise IT environment. Assess the effectiveness of security controls implemented to protect FCC systems in support of the Authorization Process and Security Impact Analysis through Change Management. Mimic attacks of threat actors are defined by the Cyber Threat Intelligence (CTI) Team to assess and improve IT system resilience, SOC monitoring effectiveness, and tuning security tools within the FCC. Perform ad hoc, focused pen tests to validate the effectiveness of corrective actions to address identified weaknesses. Perform Penetration Testing Services for any internal or public websites and associated systems Develop and execute plans that include penetration testing of all OCIO systems. Validate remediations by re-testing all Critical and High findings identified through penetration testing. Perform network mapping and vulnerability scanning, support phishing simulations, report findings, and make remediation recommendations. Develop a Quarterly Penetration Testing Schedule and Annual Internal Penetration Testing Standard Operating Procedures (SOP).
Seniority level
Seniority level Mid-Senior level Employment type
Employment type Full-time Job function
Job function Sales, General Business, and Education Industries Wireless Services, Telecommunications, and Communications Equipment Manufacturing Referrals increase your chances of interviewing at cFocus Software Incorporated by 2x Sign in to set job alerts for “Lead Security Engineer” roles.
Security Engineer-Senior Vulnerability Mgmt
Senior Security Engineer, Identity and Access Management, AWS Identity Security
Senior Security Incident Response Engineer, AWS, AWS CorpSec Response
Herndon, VA $143,300.00-$247,600.00 2 days ago Lead Principal Security Engineer TA2-13 HSEN
Sr. Security Engineer, AWS Security Risk and Compliance
Arlington, VA $143,300.00-$247,600.00 2 weeks ago DHS Sr. Operational Technology (OT) Security Engineer
Washington, DC $195,000.00-$225,000.00 7 months ago Senior Identity, Credential, Access Management Security Engineer
Senior Principal Consultant - Security A&A Engineer (Clearance Required)
Reston, VA $87,000.00-$178,100.00 2 weeks ago Senior Security Engineer, AWS Vulnerability Management - Host OS, AWS Vulnerability Management - Host OS
Arlington, VA $143,300.00-$247,600.00 1 day ago Senior Security Engineer, AWS Vulnerability Management - Host OS, AWS Vulnerability Management - Host OS
Herndon, VA $143,300.00-$247,600.00 16 hours ago SAP NS2 Sr. Security Automation Engineer
Arlington, VA $163,200.00-$218,700.00 2 weeks ago Industrial Security Analyst - Security Engineer
Federal Solutions Architect - Sales [JOB ID 20250725]
Annapolis Junction, MD $120,000.00-$140,000.00 3 months ago Senior Data Mining and Analytics Engineer (Security Clearance Required) - Remote work - Local DC Metro or FL
Arlington, VA $107,936.00-$183,491.00 4 days ago Senior Systems Administrator (Network Operation Center)
Oxon Hill, MD $140,000.00-$155,000.00 11 months ago Arlington, VA $138,200.00-$239,000.00 1 week ago Lead, Chief SATCOM Systems Engineer (Security Clearance Required)
Arlington, VA $138,200.00-$239,000.00 2 weeks ago Sterling, VA $130,355.00-$221,603.00 5 days ago Senior Mechanical Engineer - Security Clearance Required
Washington, DC $160,000.00-$190,000.00 1 week ago Arlington, VA $118,200.00-$204,300.00 2 weeks ago Arlington, VA $118,200.00-$204,300.00 3 days ago Arlington, VA $118,200.00-$204,300.00 1 week ago Arlington, VA $118,200.00-$204,300.00 2 weeks ago Arlington, VA $118,200.00-$204,300.00 3 days ago Arlington, VA $118,200.00-$204,300.00 3 days ago Arlington, VA $118,200.00-$204,300.00 3 days ago Arlington, VA $118,200.00-$204,300.00 3 days ago Arlington, VA $118,200.00-$204,300.00 2 weeks ago Arlington, VA $118,200.00-$204,300.00 3 days ago Arlington, VA $118,200.00-$204,300.00 3 days ago We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
#J-18808-Ljbffr