Job Requirements
Remote
Public Trust Polygraph Unspecified
Career Level not specified
$98,614 - $167,644
Job Description
Description
The Work:
ICFis looking for an enthusiasticSenior Security Engineerto join our team and helpwithensuring our environments and applications meet Federal Security Standards.If you areSecurity Engineerinterested in applying yourexpertiseinSecurityEngineeringin a consulting environment, then this may be the role for you.
Job Location:
This position requires that the job be performed in the United States. If you accept this position, you should note that ICF does monitor employee work locations and blocks access from foreign locations/foreign IPaddresses, andalso prohibits personal VPN connections.
What You Will Do:
The selected candidate willbe requiredto work on multiple products and must be able to develop and present secure solutions and advice to technical teams as well as leadership. The candidate will furtherbe requiredto assess risks and advise on security standards, best practices, and solutions. All this must be done bymaintainingsecurity quality and customer satisfaction.Various tools are used to detectvulnerabilitiesand the security engineer documents these vulnerabilities and works with developers to get them corrected. The security engineer will need to work on a path to production for new applications ensuring all the documentation andappropriate stepsare taken and approved to have a highly secure production application and environment.
Responsibilities:
Basic Qualifications:
What We Would Like YouToBringWithYou: .
Professional Skills:
#DMX-HES
Working at ICF
ICF is a global advisory and technology services provider, but we're not your typical consultants. We combine unmatched expertise with cutting-edge technology to help clients solve their most complex challenges, navigate change, and shape the future.
We can only solve the world's toughest challenges by building a workplace that allows everyone to thrive. We are an equal opportunity employer . Together, our employees are empowered to share their expertise and collaborate with others to achieve personal and professional goals. For more information, please read our EEO policy.
We will consider for employment qualified applicants with arrest and conviction records.
Reasonable Accommodations are available, including, but not limited to, for disabled veterans, individuals with disabilities, and individuals with sincerely held religious beliefs, in all phases of the application and employment process. To request an accommodation, please email Candidateaccommodation@icf.com and we will be happy to assist . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.
Read more about workplacediscriminationrigh t s or our benefit offerings which are included in the Transparency in (Benefits) Coverage Act.
Candidate AI Usage Policy
At ICF, we are committed to ensuring a fair interview process for all candidates based on their own skills and knowledge. As part of this commitment, the use of artificial intelligence (AI) tools to generate or assist with responses during interviews (whether in-person or virtual) is not permitted . This policy is in place to maintain the integrity and authenticity of the interview process.
However, we understand that some candidates may require accommodation that involves the use of AI. If such an accommodation is needed, candidates are instructed to contact us in advance at candidateaccommodation@icf.com . We are dedicated to providing the necessary support to ensure that all candidates have an equal opportunity to succeed.
Pay Range - There are multiple factors that are considered in determining final pay for a position, including, but not limited to, relevant work experience, skills, certifications and competencies that align to the specified role, geographic location, education and certifications as well as contract provisions regarding labor categories that are specific to the position.
The pay range for this position based on full-time employment is :
$98,614.00 - $167,644.00
Nationwide Remote Office (US99)
The Work:
ICFis looking for an enthusiasticSenior Security Engineerto join our team and helpwithensuring our environments and applications meet Federal Security Standards.If you areSecurity Engineerinterested in applying yourexpertiseinSecurityEngineeringin a consulting environment, then this may be the role for you.
Job Location:
This position requires that the job be performed in the United States. If you accept this position, you should note that ICF does monitor employee work locations and blocks access from foreign locations/foreign IPaddresses, andalso prohibits personal VPN connections.
- Our core work hours are 10am - 4pm Eastern Time with theoptionto start earlier or work later depending on your time zone.However, please note our client is on the east coast and may sometimes start a meeting earlier than 10:00which may require your participation.
- Travel for a conference or to another ICF location for collaborationmayberequiredonce a year.
What You Will Do:
The selected candidate willbe requiredto work on multiple products and must be able to develop and present secure solutions and advice to technical teams as well as leadership. The candidate will furtherbe requiredto assess risks and advise on security standards, best practices, and solutions. All this must be done bymaintainingsecurity quality and customer satisfaction.Various tools are used to detectvulnerabilitiesand the security engineer documents these vulnerabilities and works with developers to get them corrected. The security engineer will need to work on a path to production for new applications ensuring all the documentation andappropriate stepsare taken and approved to have a highly secure production application and environment.
Responsibilities:
- Perform Static Application Security Testing (SAST) toidentifypotential vulnerabilities in the application code and infrastructure
- Perform Dynamic Application Security Testing (DAST)
- Create and update threat models for FISMA systems
- Assistand lead security incident response
- Assistwith documentation of System Security plan and Contingency Plans for related projects
- Ensure security systems are up to date and create documentation and planning for all security-related information, including incident response and disaster recovery plans
- Review policies and procedures for compliance with applicable standards; and toidentifyareas of improvement for finding remediation
- Interact with senior level management, including the ISSO
- Usesecurity assessment tools such as Nessus,Snyk, AWSGuardDutyand AWS Inspector
- Apply a demonstrated understanding of cryptography tosecureweb applications and data at rest
- Work with development teams to review and correctcode written in higher level programming languages and scripts
- Work with DevOps teams to securely harden Linux based machines and cloudinfrastructure
Basic Qualifications:
- Bachelor's Degree
- 5+ years of professional security engineering experience
- Candidate must be able to obtain andmaintaina Public Trust
- Candidate mustresidein the U.S.,be authorized towork in the U.S., and all work must be performed in the U.S.
- Candidate must have lived in the U.S. for three (3) full years out of the last five (5) years
What We Would Like YouToBringWithYou: .
- Hands on experience that includes:
- NIST 800-53 security controls
- System hardening and implementation of DoD STIGs
- Leading incident response activities
- Data management and applied cryptography
- Cloud security and infrastructure (AWS, Azure, and/or GCP)
- Awareness of OWASP Top Ten and CWE Top 25
- Linux command line usage (e.g., bash, sh, zsh)
- Scripting in Python, Perl, or similar languages
- Prior experience in consulting or healthcare is an advantage but not essential.
- Strong engineering background
- Application architecture experience
- Federal Government contracting work experience
- One or more of the following certifications is preferred:
- OSCP/OSCE/OWSE
- CISSP
- GPEN
- GXPN
- Security +
- CEH
Professional Skills:
- Goodleadershipandteam-workingskills.
- Highly effective analytical, problem-solving, and decision-making capabilities.
- Excellent communication and interpersonal skills to interface effectively at all levels of the business.
- Organized,detailed orientedand able to prioritize and multi-task.
- Ability to self-organize,prioritizeand conduct work on multiple projects under tight deadlines in a fast-paced environment.
- Prior experience working remotely full-time
#DMX-HES
Working at ICF
ICF is a global advisory and technology services provider, but we're not your typical consultants. We combine unmatched expertise with cutting-edge technology to help clients solve their most complex challenges, navigate change, and shape the future.
We can only solve the world's toughest challenges by building a workplace that allows everyone to thrive. We are an equal opportunity employer . Together, our employees are empowered to share their expertise and collaborate with others to achieve personal and professional goals. For more information, please read our EEO policy.
We will consider for employment qualified applicants with arrest and conviction records.
Reasonable Accommodations are available, including, but not limited to, for disabled veterans, individuals with disabilities, and individuals with sincerely held religious beliefs, in all phases of the application and employment process. To request an accommodation, please email Candidateaccommodation@icf.com and we will be happy to assist . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.
Read more about workplacediscriminationrigh t s or our benefit offerings which are included in the Transparency in (Benefits) Coverage Act.
Candidate AI Usage Policy
At ICF, we are committed to ensuring a fair interview process for all candidates based on their own skills and knowledge. As part of this commitment, the use of artificial intelligence (AI) tools to generate or assist with responses during interviews (whether in-person or virtual) is not permitted . This policy is in place to maintain the integrity and authenticity of the interview process.
However, we understand that some candidates may require accommodation that involves the use of AI. If such an accommodation is needed, candidates are instructed to contact us in advance at candidateaccommodation@icf.com . We are dedicated to providing the necessary support to ensure that all candidates have an equal opportunity to succeed.
Pay Range - There are multiple factors that are considered in determining final pay for a position, including, but not limited to, relevant work experience, skills, certifications and competencies that align to the specified role, geographic location, education and certifications as well as contract provisions regarding labor categories that are specific to the position.
The pay range for this position based on full-time employment is :
$98,614.00 - $167,644.00
Nationwide Remote Office (US99)
group id: 10106050
