Be on Alert – Fraudulent Employment Offers. Learn More
Cyber DevSecOps Engineer
We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work. Our employees are not only part of history, but they’re also making cybersecurity history here at ICF International.
Bring your experience and take advantage of this opportunity to discover how you can start to push past possible and achieve your goals today.
As a Cyber Security DevSecOps Engineer, you will be responsible for developing and executing multiple technical implementation projects for our clients. This position will partner with the engagement team, stakeholders and other teams to develop, execute requirements/user stories, and materials needed to support the project. As an experienced Cyber Security Engineer, you will work closely with leaders to expertly translate stakeholder vision into compelling technical requirements, effective implementation, and knowledge that our clients can execute and measure.
You will be asked to participate in a series of interviews demonstrating your knowledge, skills, and abilities about Cyber Security DevSecOps. You will be asked to participate in a panel interview and provide a small instructional overview as part of the hiring process. Your candidacy will be contingent upon successfully completing the panel interview.
This opportunity is contingent on award of contract to ICF. Contract to be awarded within 30 days of posting.
- Cyber Security DevSecOps skills and ability to facilitate and gain consensus among stakeholders and clients with disparate views
- Serve as implementation engineer for assigned engagements, managing implementation including demonstrating technical reviews, and conversing with stakeholders and others on the engagement team
- Provide Cyber Security DevSecOps expertise in internal and external reviews of implementation activities, operational documentation, and deliverables
- Experience using automation and scripting to deploy and monitor systems
- Research new and novel tactics, techniques, and procedures (TTP) to protect data and privacy
- Enroll NRC network and systems information into the SIEM tool, using information from the Vulnerability and Compliance Scanning System (VCSS) and input from ISSOs, and perform asset categorization and privatization
- Tune the capabilities as practicable to improve efficiency and ensure that reporting capabilities of the log management system are working properly
- Validate that agency log retention requirements are configured properly within the agency’s log management system
- Identify shortfalls in the current capability and identify systems that are not sending logs to the agency log management system
- Maintain and continuously improve security tools and hardware necessary to protect against evolving Enterprise threats and effectively detect security incidents
- Conduct advanced monitoring and analysis of information systems to proactively detect known and potential threats that stem from technical and non-technical sources
- Maintain a comprehensive asset inventory that includes High-Value Assets (HVAs) and associated data elements to enable a prioritized approach to security operations
- Administer the Splunk based log management system and analyze the current logging capabilities
- Ensure the Agency Information Security systems administered by the Team are sending all required logs to the log management system
- Maintain the Log Management and Security Information and Event Management system to collect and aggregate IDS/IPS data from network sensors, raw data from collection agents, firewalls (including but not limited to Layer 7 Application Firewalls), proxy servers, DLP, antivirus/endpoint protection software, and vulnerability scanner elements
- Recommend improvements to current processes
- Provide technical guidance to administrators of other IT systems to ensure their logs are sent to the agency’s log management system
- Configure agency’s log management system role-based access controls so that logs for specific systems can only be accessed by designated administrators
You'll be a great fit if you:
- Strong presentation skills and ability to facilitate and gain consensus among stakeholders and clients with disparate views
- Ability to gather requirements through discovery calls and work with the team to translate them into user stories and tasks
- Work closely with the operations team to develop and manage engagement and other reporting requirements as required
- With technical guidance from the engagement team, provide coordination and quality assurance of all technical deliverables of the assigned engagements by editing, reviewing, and checking compliance of reports and other deliverables submitted by the engagement team. Manage the process flow of internal and external reviews of implementation activities, operational documentation, and deliverables
- Collect and analyze data, make recommendations to improve our approach and the results of future communications, events, and activities
- Technical expertise in principle discipline and broad knowledge in automation disciplines in Ansible, Python, Salt, Kubernetes, Docker, Rancher, and ECK Operator to revise or developing new methods and procedures on the platform
- Superior project management, time management skills and attention to detail
- Confident in partnering with and leading cross-functional teams to build communication strategies and tactics with an unwavering focus on technical engagement
- Ability to work in a fast-paced, continuously evolving environment.
- BS Degree in Computer discipline or BS Management + 5 years’ experience in Computer (Degree not Required with 10 years’ experience or more)
- Minimum of 5 years of advanced experience in Cyber Security DevSecOps, CI/CD Pipelines, Automation, Agile, Big Data or a network engineering
- At least one of the following: CISM or CISSP or GSLC or EC-Council Certified Ethical Hacker (CEH), EC-Council Licensed Penetration Tester (LPT) Master, Infosec Institute Certified Penetration Tester (CPT), Risk Management certification or other technical certifications such as: AWS and/or SANS Certifications Required (other technical certifications provided by a recognized provider will be considered
- Active High Level clearances preferred but not required
- Tier IV (Critical non-sensitive)
- Top Secret
- Dept of Energy clearance
- Dept of Homeland Security clearance
- Public Trust
- Affinity for developing solutions to a variety of problems of moderate scope and complexity.
- Ability to contribute to the completion of organizational projects and goals with very little supervision.
Working at ICF
Working at ICF means applying a passion for meaningful work with intellectual rigor to help solve the leading issues of our day. Smart, compassionate, innovative, committed, ICF employees tackle unprecedented challenges to benefit people, businesses, and governments around the globe. We believe in collaboration, mutual respect, open communication, and opportunity for growth.
We can only solve the world's toughest challenges by building an inclusive workplace that allows everyone to thrive. We are an equal opportunity employer, committed to hiring regardless of any protected characteristic, such as race, ethnicity, national origin, color, sex, gender identity/expression, sexual orientation, religion, age, disability status, or military/veteran status. Together, our employees are empowered to share their expertise and collaborate with others to achieve personal and professional goals. For more information, please read our EEO & AA policy.
COVID-19 Policy: New or prospective U.S. employees must provide proof of complete vaccination on the date of their commencement of employment. If selected for employment, you will provide proof of your full vaccination status, defined as vaccinated two weeks after receiving the requisite number of doses of a COVID-19 vaccine approved or authorized for emergency use by the FDA.
Reasonable Accommodations are available, including, but not limited to, for disabled veterans, individuals with disabilities, and individuals with sincerely held religious beliefs, in all phases of the application and employment process. To request an accommodation please email email@example.com and we will be happy to assist. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations. Read more about non-discrimination: EEO is the law and Pay Transparency Statement.
Pay Range - There are multiple factors that are considered in determining final salary for a position, including, but not limited to, relevant work experience, skills, certifications and competencies that align to the specified role, geographic location, education and certifications as well as contract provisions regarding labor categories that are specific to the position. The salary range for Colorado is -
Nationwide Remote Office (US99)