Role Description

cFocus Software seeks a Sr. Cybersecurity Engineer / Architect to join our program supporting the National Institutes of Health (NIH). This position is remote and requires a Public Trust clearance.

• Lead security engineering and architecture activities
• Implement NIST 800-53 controls
• Advise development teams on secure SDLC practices
• Support incident response analysis
• Implement security controls and network protections
• Design, review, and implement secure architectures supporting hybrid scientific and IT environments across NCATS infrastructure
• Provide technical leadership on security engineering solutions supporting secure system development and infrastructure modernization
• Ensure architectures align with NIST SP 800‑53, NIST SP 800‑37, NIST SP 800‑160, FISMA, and NIH security policies
• Integrate security engineering practices across the system development lifecycle (SDLC) using DevSecOps and security‑by‑design principles
• Provide technical cybersecurity consulting to developers, engineers, and project stakeholders implementing NIST SP 800‑53 Rev. 5 security and privacy controls throughout system development
• Participate in architecture discussions, sprint reviews, and design reviews to ensure security requirements are integrated into system design and implementation
• Map system functionality to applicable security controls and develop control baselines aligned with system FIPS‑199 categorizations
• Provide implementation guidance on encryption, identity management, logging, secure API management, and other security technologies
• Assist with development of RMF artifacts including SSPs, SAPs, SARs, POA&Ms, Continuous Monitoring Strategies, and PIAs
• Serve as a technical lead supporting incident response coordination, analysis, and remediation across NCATS systems
• Coordinate with NCATS IT teams, security stakeholders, and the NIH Cyber Security Operations team
• Perform incident triage, containment, analysis, escalation, and remediation activities
• Conduct forensic analysis, malware review, and technical investigations supporting incident response activities
• Develop incident reports documenting root cause, impact, remediation steps, and lessons learned
• Support system authorization and assessment readiness activities for NCATS information systems
• Conduct pre‑assessment reviews and security control validation to prepare systems for compliance with federal security requirements
• Develop and maintain Authority to Operate (ATO) documentation and supporting artifacts
• Support FedRAMP authorization activities where applicable
• Assist with independent security assessments and remediation of identified vulnerabilities
• Provide engineering support for network security architecture and firewall management across the NCATS environment
• Design and maintain network segmentation strategies and security zones based on risk and sensitivity
• Implement firewall rules based on least privilege and default‑deny principles
• Conduct firewall configuration management, rule validation, and change control
• Validate logging configurations across network devices to support federal logging and monitoring requirements

Qualifications

• Bachelor’s degree in Computer Science, Cyber Security, or related field
• 10+ years of cybersecurity engineering or security architecture experience
• Experience designing and implementing security controls in federal or regulated environments
• Security architecture and engineering practices
• NIST Risk Management Framework (RMF)
• NIST SP 800‑53 security controls
• FISMA compliance
• Security authorization / ATO processes
• Incident response and threat analysis
• Network security architecture and firewall management