cFocus Software Incorporated · 3 hours ago
HHS - Sr. Azure Security Engineer
United States
Full-time
Remote
Senior Level
7+ years expcFocus Software Incorporated is seeking a Sr. Azure Security Engineer to support the Department of Health and Human Services (HHS). The role involves serving as the Subject Matter Expert for Azure cloud security, designing and maintaining secure Azure environments, and ensuring compliance with federal security requirements.
ChatbotGovernmentInformation TechnologySoftware
No H1B
Security Clearance Required
Responsibilities
Serve as the Subject Matter Expert (SME) for Azure cloud security architecture, implementation, and operations
Design, implement, and maintain secure Azure IaaS, PaaS, and SaaS environments in compliance with NIST SP 800-53, NIST SP 800-37, FedRAMP, and HHS/HRSA security requirements
Administer and maintain Cloud Security Posture Management (CSPM) solutions to identify misconfigurations, vulnerabilities, and compliance gaps in Azure environments
Implement and manage Azure security controls including Azure Active Directory, RBAC, Conditional Access, Network Security Groups, Azure Firewall, Azure WAF, encryption, and key management
Support FedRAMP and agency ATO processes by validating inherited controls, reviewing FedRAMP documentation, and supporting continuous monitoring activities
Integrate Azure-native logging and monitoring services (e.g., Azure Monitor, Defender for Cloud) with HRSA’s SIEM
Implement runtime security for cloud workloads including virtual machines, containers, and serverless functions
Develop and maintain Infrastructure as Code (IaC) solutions with embedded security controls and automated validation
Support CI/CD pipeline security by integrating automated security testing tools including SAST, DAST, and IaC scanning
Design and maintain Zero Trust cloud security architectures in alignment with OMB M-22-09
Provide security guidance for cloud migrations, application onboarding, and modernization efforts
Respond to cloud-related security incidents and support incident response, forensic analysis, and remediation
Maintain SLAs for cloud security support requests and provide regular status reporting
Develop and maintain documentation including architecture diagrams, SOPs, and security baselines
Qualification
Required
Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field (or equivalent experience)
Minimum 7 years of cybersecurity experience, with at least 4 years focused on Azure cloud security
Strong experience securing Azure IaaS, PaaS, and SaaS environments
Hands-on experience with Azure security services including Defender for Cloud, Azure Firewall, Azure WAF, Azure Sentinel, and Azure AD
Experience supporting FedRAMP and FISMA-compliant cloud environments
In-depth knowledge of NIST SP 800-53, 800-37, 800-137, and related federal guidance
Experience integrating cloud logs and telemetry into SIEM platforms
Experience with Infrastructure as Code tools such as ARM, Bicep, or Terraform
Ability to effectively communicate technical concepts to both technical and non-technical stakeholders
Microsoft Certified: Azure Security Engineer Associate or Microsoft Certified: Azure Solutions Architect Expert
Active CISSP, CCSP, or equivalent cloud security certification, GIAC Cloud Security Automation (GCSA) or similar
Company
cFocus Software Incorporated
cFocus Software automates FedRAMP compliance and develops government chatbots for the Azure Government Cloud, Office 365, and SharePoint.
11-50 employees
Funding
Current Stage
Early StageLeadership Team
Manisha Griesinger, MPH, MSc
Program Manager | U.S. EPA Office of the Chief Financial Officer
Company data provided by crunchbase