Be on Alert – Fraudulent Employment Offers. Learn More

Reston, Virginia, United States of America
JOB #R2205150

DevSecOps Management SME - Remote

At ICF, we are fearless in finding new ways to solve problems, relentlessly making sure it pays off for our clients and committed to making a positive change in the world. Join our community of management consultants, mission-driven technologists, data scientists, innovation researchers, CIO strategists, and public health researchers & evaluators to challenge the status quo.

As we expand our services and support this growth, we are looking for Management Consultants to join our Public Health Informatics and Technology (PHIT) business providing technical assistance services to the Centers for Disease Control and Prevention (CDC). Our services support the CDC Office of the Chief Information Officer (OCIO) and broader CDC Centers, Institutes, and Offices (C/I/Os) in meeting the objectives of the agency's Data Modernization Initiative (DMI).

In this role, you will serve as a Management Consultant Subject Matter Expert (SME) to assess, plan, recommend, and provide implementation guidance to speed up and automate aspects of the processes of provisioning services and software. You will socialize these recommendations across client and ICF levels and coach development teams, contractors, and others on how to apply them. The ideal candidate has strong skills in project management, business development, analytical thinking, and excellent report writing.

This role is a high-visibility technology position requiring an extensive background in operational processes, industry standards, and implementations with leading COTS products and services to be applied in product and service delivery. Expectations typically include design artifact and transitional roadmap development, system design, software prototyping, and team mentoring in a dynamic client and business partner-facing atmosphere.

What you will do:

  • Attend client and team virtual meetings and, when required, on-site in-person meetings.
  • Independent Verification and Validation (IV&V), Technology Assessment, Alternatives Analysis, Enterprise, and Conceptual Architectures, DevSecOps processes, and other services as directed by the client.
  • Work on multiple projects simultaneously, interacting with all levels of ICF staff and CDC OCIO and C/I/O stakeholders.
  • Collaborate and understand stakeholders, external partners, and the project team needs and convey them to developers.
  • Possess a bias for action when breaking down complex problems and tackling new technologies.
  • Build tools to reduce errors and improve customer experience by supporting the goal of continuous update and development of code, making systems faster and better while ensuring that systems are safe and secure against cybersecurity threats.
  • Develop an automated security framework for robust development of deployment tools, processes, and infrastructure leveraging various scripting languages and open-source solutions.
  • Provide DevOps strategic objectives and tactical frameworks for CI/CD Agile development projects
  • Support project team configuration and testing of CI/CD configurations based on continuous development and delivery of best practices and technical implementations.
  • Define CI/CD work packages and assess the quality of the project team’s work products.
  • Conduct analysis or assessment of the current internal and external DevOps implementation and recommend automation to improve development and release processes, efficacy, timelines, etc.
  • Guide development teams in designing, building, testing, and automatically deploying new or existing software.
  • Improve best practices and code guidelines, and work with software developers and engineers to ensure that development follows established processes and works as intended.
  • Test and examine code written by others, identify technical problems, analyze results, and make recommendations or automate processes.
  • Plan out projects and be involved in project management decisions.
  • Leverage agile project management methodology to accelerate strategic execution of implementation plans with bi-weekly sprints developed from a backlog of action items.
  • Author or contribute to technical or white papers, enterprise reports, and presentations.
  • Provide Level 2 technical support and assist with root cause analysis.
  • Develop software/scripts to integrate with internal, back-end systems and automate visualizations.
  • Consider the organization’s entire IT infrastructure when suggesting or making changes and improvements that enhance the client’s IT infrastructure security protocols and contribute to the predictable deployment of software and infrastructure in the client’s cloud infrastructure.
  • Share knowledge and thought leadership with the rest of the organization, including strategic technical direction and professional development opportunities.  

Basic Qualifications:

  • Bachelor’s degree in Computer Science, Engineering, related field, or equivalent experience.
  • 8+ years of progressive experience as a DevSecOps engineer or similar software engineering role working with developers, DevOps, and engineering teams in a dynamic environment to promote/implement the DevSecOps program throughout the organization.
  • 5+ years of experience in data center infrastructure and cloud IaaS environments.

Desired Skills and Qualifications:

  • DevSecOps Certified Professional (DSOCP).
  • CISM, CISSP, or other Security Certifications, and Foundation certifications in AWS and Azure.
  • Solid knowledge base in one or more cloud service providers (AWS, Azure, GCP) advance concepts such as Serverless, Infrastructure as Code, containers, CI/CD pipelines, and Git repositories (such as Gitlab).
  • Experience coordinating and performing vulnerability assessments using automated and manual tools (Tenable, NMAP, etc.).
  • Experience with C/C++ programming and Bash, Ruby, Python, or other scripting languages.
  • Working knowledge of SQL and databases (both structured and unstructured).
  • Extensive experience with various DevSecOps automation and configuration management tools, such as Chef, Puppet, Ansible, Terraform, Git, GitHub, GitLab, Jenkins, TeamCity, TFS, Subversion, and Docker.
  • Familiarity with Information Security Standards such as CIS, NIST, and RFC2196.
  • Understand the security areas of Key Management Systems, Certificate Management, Encryption, Penetration Testing, Vulnerability Scanning, and Security and Monitoring tools.
  • Knowledge of PCI-DSS, HIPPA, SOX, GDPR, and CCPA standards and policies and the associated certification and audit processes.
  • Auditing and Compliance certifications such as CISA, PCI-ISA, and PCIP.
  • Familiarity with Amazon and Azure Policy, Configuration, and Security Management tools.
  • Intimate familiarity with architecting solutions on cloud computing platforms such as Azure or AWS. 
  • Experience with security automation and machine learning.
  • Experience configuring, implementing, and leveraging computer security and network diagnostic/monitoring tools.
  • Knowledge of Windows and Linux patch management and related information security functions (authentication, IP tables, SSL, Ciphers, etc.).
  • Ability to work with APIs and Plugins to integrate security tools into established CI/CD pipelines.
  • Experience deploying monitoring and logging tools (e.g., WhatsUp Gold Nagios, PRTG, Splunk, etc.).
  • Experience with containerization orchestration tools such as Kubernetes, Amazon ECS, Azure Container Services, and OpenShift.
  • Thought leader on Continuous Integration & Continuous Delivery (CI/CD) software engineering process who can articulate how a given DevSecOps approach facilitates these practices to drive business goals.

Professional Qualifications:

  • Strong qualitative and quantitative evaluation and analytical skills (experience in impact assessments preferable).
  • Strong problem-solving skills, investigative mentality, decision-making ability, and strategic and associative thinking capacity.
  • Excellent oral and written communications in English, including editing and proofreading skills, thought leadership, and formal presentation skills.
  • Highly developed interpersonal skills and self-motivation coupled with a high level of attention to detail and accuracy.
  • Business development experience, including leading or contributing to proposals.
  • Ability to appropriately target information across technical audiences, clients, and executive leaders.

Working at ICF

Working at ICF means applying a passion for meaningful work with intellectual rigor to help solve the leading issues of our day. Smart, compassionate, innovative, committed, ICF employees tackle unprecedented challenges to benefit people, businesses, and governments around the globe. We believe in collaboration, mutual respect, open communication, and opportunity for growth.

We can only solve the world's toughest challenges by building an inclusive workplace that allows everyone to thrive. We are an equal opportunity employer, committed to hiring regardless of any protected characteristic, such as race, ethnicity, national origin, color, sex, gender identity/expression, sexual orientation, religion, age, disability status, or military/veteran status. Together, our employees are empowered to share their expertise and collaborate with others to achieve personal and professional goals. For more information, please read our EEO & AA policy.

Reasonable Accommodations are available, including, but not limited to, for disabled veterans, individuals with disabilities, and individuals with sincerely held religious beliefs, in all phases of the application and employment process. To request an accommodation please email and we will be happy to assist. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations. Read more about non-discrimination:  EEO is the law and  Pay Transparency Statement.

Pay Range - There are multiple factors that are considered in determining final salary for a position, including, but not limited to, relevant work experience, skills, certifications and competencies that align to the specified role, geographic location, education and certifications as well as contract provisions regarding labor categories that are specific to the position. The salary range for Colorado is -

$118,089.00 - $200,751.00

Nationwide Remote Office (US99)

Who is ICF?

A global consulting services company with approximately 8,000 people across 75+ countries, but we are not your typical consultants.

Join our talent network

ICF is growing, and we add new open roles to our site regularly. If you're waiting for that perfect opportunity at ICF or want an inside look at what it's like to do world-changing work, join our talent network to stay updated.

Join our talent network

ICF is growing, and we add new open roles to our site regularly. If you're waiting for that perfect opportunity at ICF or want an inside look at what it's like to do world-changing work, join our talent network to stay updated.