Lead Security Investigator

ICF is seeking a Cleared Lead Security Investigator to support a Security Operations Center (SOC) for a Federal Government client.  This SOC operates 24X7x365 to identify, protect, detect, respond to, and recover from cyber events on the FAA information systems.  The SOC combats internal and external cyber-based threats targeting Government systems.  The SOC serves as the focal point for all information security incidents and provides a centralized operation responsible for monitoring and tracking information security incidents, conducting sensor data analysis, establishing trend analysis documentation, providing proactive and responsive corrective action capability, and providing the FAA and DOT with a wide information security technical assistance with cyber disaster recovery and other Information Security functions.  As Lead Security Investigator reporting to the SOC site in Leesburg, VA, you will be responsible for leading the contract team in cyber incident assessment and response support.  You will work the Government staff and service providers to recover from any incidents.  You will have hands-on involvement in gathering artifacts or recovering systems.  You also will guide the team in correlating data feeds, including analyzing data feeds and logs to correlate data with known threats and incidents.  You will build, implement, and refine event correlation rules, logic, content, and analysis techniques to correlate events and security incidents with specific sources.  You will also perform correlation and trend analysis to discover attack patterns and assess the risks and potential exposure of assets. 

Required Education & Experience:

• Bachelor’s degree OR minimum 10 years of relevant IT experience.

• Minimum 6 years IT experience with at least 4 years of experience with network security analysis, using intrusion detection systems.

• U.S. Citizenship required (required by federal government for position). SECRET clearance required.

Desired Experience:

• Firewall administration experience.

• Experience with intrusion detection sensors.

• Experience with Security Information and Event Management Tools.

• Experience with Hunt investigation tools in the Cloud.

• Experience with Hunt investigations with EDR tools.

• Experience with scripting languages such as Python.

• CISSP and/or SANS/GIAC Certification (equivalent to 2-year experience).

• Experience as a supervisor and people manager. 

#Indeed

#LI-CC1

Working at ICF

Working at ICF means applying a passion for meaningful work with intellectual rigor to help solve the leading issues of our day. Smart, compassionate, innovative, committed, ICF employees tackle unprecedented challenges to benefit people, businesses, and governments around the globe. We believe in collaboration, mutual respect, open communication, and opportunity for growth.

We can only solve the world's toughest challenges by building an inclusive workplace that allows everyone to thrive. We are an equal opportunity employer, committed to hiring regardless of any protected characteristic, such as race, ethnicity, national origin, color, sex, gender identity/expression, sexual orientation, religion, age, disability status, or military/veteran status. Together, our employees are empowered to share their expertise and collaborate with others to achieve personal and professional goals. For more information, please read our EEO & AA policy.

Reasonable Accommodations are available, including, but not limited to, for disabled veterans, individuals with disabilities, and individuals with sincerely held religious beliefs, in all phases of the application and employment process. To request an accommodation please email icfcareercenter@icf.com and we will be happy to assist. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations. Read more about non-discrimination:  Know Your Rights and  Pay Transparency Statement.

Pay Range - There are multiple factors that are considered in determining final pay for a position, including, but not limited to, relevant work experience, skills, certifications and competencies that align to the specified role, geographic location, education and certifications as well as contract provisions regarding labor categories that are specific to the position. The pay range for this position is:

$103,035.00 - $175,160.00

Virginia Client Office (VA88)