Himalayas logo
cFocus Software IncorporatedCI

HHS - Vulnerability Analyst

cFocus Software is a leading provider of cybersecurity compliance and enterprise IT services focused on federal government agencies, dedicated to ensuring secure cloud operations.

cFocus Software Incorporated

Employee count: 11-50

United States only

Stay safe on Himalayas

Never send money to companies. Jobs on Himalayas will never require payment from applicants.

cFocus Software seeks a Vulnerability Analyst to join our program supporting the Department of Health and Human Services (HHS) This position is remote. This position requires the ability a Public Trust clearance.
Qualifications:
  • Bachelor’s degree in Cybersecurity, Information Technology, or related field.
  • Minimum 5–7 years of experience in vulnerability management or security operations.
  • Strong understanding of NIST SP 800-53, NIST SP 800-30, NIST SP 800-137, and HHS vulnerability management requirements.
  • Experience performing vulnerability scanning, analysis, and remediation tracking in federal environments.
  • Experience with secure configuration standards (DISA STIGs, CIS Benchmarks).
  • Strong analytical, documentation, and communication skills.
  • CEH, Security+, CISSP, GIAC (GSEC, GPEN), or equivalent cybersecurity certifications
Duties:
  • Perform authenticated and unauthenticated vulnerability scans on a daily and ad hoc basis across servers, workstations, network devices, databases, web applications, APIs, containers, serverless functions, CI/CD pipelines, and Infrastructure as Code (IaC).
  • Analyze vulnerability scan results to determine applicability, severity, exploitability, and risk using CVSS scoring, threat intelligence, and Known Exploited Vulnerabilities (KEV) catalogs.
  • Provide daily remediation guidance and mitigation strategies to system owners, administrators, developers, and other stakeholders.
  • Maintain and ensure operational health of vulnerability scanning tools, including agents, sensors, integrations, and supporting infrastructure.
  • Coordinate with tool vendors, hosting teams, and network operations to troubleshoot and resolve tool-related issues.
  • Develop and maintain HRSA security configuration baselines using DISA STIGs and Center for Internet Security (CIS) benchmarks.
  • Perform compliance and configuration scans against approved baselines on a weekly, quarterly, and ad hoc basis.
  • Validate remediation through follow-up scans and evidence review and confirm closure of vulnerabilities.
  • Support penetration testing activities, including test planning, execution, exploitation, reporting, and coordination with stakeholders.
  • Conduct application security testing including SAST, DAST, software composition analysis, SBOM review, dependency scanning, and secure code analysis.
  • Support secure DevSecOps practices by integrating automated vulnerability testing into CI/CD pipelines and code repositories.
  • Develop vulnerability dashboards and reports for ISSOs, system owners, engineers, and DCSP leadership.
  • Maintain authoritative asset inventories and correlate data across vulnerability tools, CMDB, eGRC, and cloud inventories to ensure full scanning coverage.
  • Support Incident Response activities by providing vulnerability data, exploit analysis, and remediation recommendations.
  • Develop and maintain vulnerability management SOPs, workflows, and technical documentation.
  • Maintain SLAs for vulnerability scanning requests and remediation tracking

About the job

Apply before

Posted on

Job type

Full Time

Experience level

Senior

Location requirements

United States

Hiring timezones

United States +/- 0 hours

Job categories

HHS HRSA Information SecurityVulnerability AnalystVulnerability ResearcherCybersecurity AnalystInformation Security Analyst

Skills

Vulnerability ManagementVulnerability TestingNIST 800 53NIST 800 37DISA STIGsCVSSThreat IntelligenceSecurity VulnerabilitiesCEH& SecurityCISSPGIACGPENEvidenceRemoteServerless Remote

About cFocus Software Incorporated

Learn more about cFocus Software Incorporated and their company culture.

View company profile

cFocus Software is a technologically advanced service provider dedicated to delivering FISMA, RMF, and FedRAMP compliance solutions, along with extensive cloud and enterprise IT services aimed at federal government agencies. Established in 2006, cFocus Software has amassed over 15 years of experience in this niche, showcasing a robust portfolio that includes our exclusive ATO as a Service™ offering. This groundbreaking solution automates the often-complex compliance processes required for federal contracts. By streamlining FISMA, RMF, and FedRAMP compliance, we enable agencies to focus their resources on their primary missions while maintaining strict adherence to security standards.

Our commitment to excellence is further demonstrated through our partnerships with key industry leaders such as Microsoft, AWS, and ServiceNow, positioning us as a Microsoft Gold Certified Partner and AWS Technology Partner among others. This allows us not only to leverage cutting-edge technologies but also to develop comprehensive multi-cloud strategies that align with modern government initiatives. At cFocus Software, we pride ourselves on our responsiveness to client needs and our dedication to superb customer service, ensuring that every federal agency we work with can achieve their operational goals efficiently and securely.

Claim this profilecFocus Software Incorporated logoCI

cFocus Software Incorporated

Company size

11-50 employees

Founded in

2006

Chief executive officer

Jasson Walker, Jr.

Markets

Cloud ComputingGovernment IT ServicesCybersecurityCompliance SolutionsEnterprise ITFederal Government ServicesMulti Cloud StrategiesSoftware as a Service (SaaS)IT ConsultingAutomation Tools

Employees live in

United States
View company profile

Similar remote jobs

Here are other jobs you might want to apply for.

View all remote jobs

30 remote jobs at cFocus Software Incorporated

Explore the variety of open remote roles at cFocus Software Incorporated, offering flexible work options across multiple disciplines and skill levels.

View all jobs at cFocus Software Incorporated
Top remote companies

Remote companies like cFocus Software Incorporated

Find your next opportunity by exploring profiles of companies that are similar to cFocus Software Incorporated. Compare culture, benefits, and job openings on Himalayas.

View all companies

Find your dream job

Sign up now and join over 100,000 remote workers who receive personalized job alerts, curated job matches, and more for free!

Sign up
Himalayas profile for an example user named Frankie Sullivan
Save
Apply now
cFocus Software Incorporated hiring HHS - Vulnerability Analyst • Remote (Work from Home) | Himalayas