Be on Alert – Fraudulent Employment Offers. Learn More
Security Engineer - Blue Team – Remote
ICF seeks a Security Engineer - Blue Team to keep our business, users, and data safe by assuring the security of our applications and platforms. This will be a highly collaborative position, in which the right candidate works to secure existing applications and platforms, makes platform and security enhancements, and helps to scale our security program through automation, process improvement, and tool creation.
This Security Engineer position will require the ability to work on multiple products and the chosen candidate must be able to develop and present secure solutions to provide advice to technical and leadership teams. The candidate will further be required to assess risks and advise on security standards, best practices, and solutions. All this must be done by maintaining stringent security quality and providing clear communication to exceed customer expectations. You will primarily work on a project that supports the Centers for Medicare and Medicaid Services’ (CMS) focus on developing systems that provide accurate and complete data that are also user-friendly and patient centric.
- Document System Security plan and Contingency Plans for related projects
- Document and evaluate security policies
- Ensure security systems are up to date and create documentation and planning for all security-related information, including incident response and disaster recovery plans
- Review policies and procedures for compliance with applicable standards; and to identify areas of improvement for finding remediation
- Interact with senior level management, including the ISSO
- Associates Degree with 7+ years of technical experience OR BS with 5+ years of relevant technical experience or an MS and 3+ years of technical experience
- 5+ years of experience in the following: NIST 800-53 security controls, System Hardening (blue team), Implementing DoD STIGs, Leading Incident Response
- Strong foundation in one or more of the following: Data management security, Authentication, Applied cryptography, Linux security, Network & Cloud security
- Advanced knowledge of Linux platforms
- Strong technical acumen securing software and hardware to include the understanding of software development and working experience with any one of the higher level programming languages or scripting
- Familiarity and experience with security technologies such as security engineering, security architecture, cryptography, data security, risk management, identity and access management, communication and network security, security assessment and testing, software development security, security operations
- Familiarity with security assessment tools such as Nessus
- Thorough understanding of issues documents in the OWASP Top Ten and CWE Top 25
- Strong understanding of cryptography as applied to web application security (encryption, hashing, PKI management), including analysis and implementation
- Experience using Linux/Unix at the command line for tasks related to web application development and deployment (DevOps)
- Must live in the United States and be able to obtain a Public Trust Clearance.
- One or more of the following certifications is preferred; CISSP, GPEN, GXPN, Security +, CEH
- Strong engineering background
- Application architecture experience
- Experience working in an Agile environment
- Experience working in the healthcare industry
- Federal Government contracting work experience
- Strong written and verbal communication skills
- Ability to work and coordinate with other developers using digital tools.
- Demonstrated time management skills.
- Strong organizational skills with attention to detail.
Working at ICF
Working at ICF means applying a passion for meaningful work with intellectual rigor to help solve the leading issues of our day. Smart, compassionate, innovative, committed, ICF employees tackle unprecedented challenges to benefit people, businesses, and governments around the globe. We believe in collaboration, mutual respect, open communication, and opportunity for growth.
We can only solve the world's toughest challenges by building an inclusive workplace that allows everyone to thrive. We are an equal opportunity employer, committed to hiring regardless of any protected characteristic, such as race, ethnicity, national origin, color, sex, gender identity/expression, sexual orientation, religion, age, disability status, or military/veteran status. Together, our employees are empowered to share their expertise and collaborate with others to achieve personal and professional goals. For more information, please read our EEO & AA policy.
COVID-19 Policy: New or prospective U.S. employees must provide proof of complete vaccination on the date of their commencement of employment. If selected for employment, you will provide proof of your full vaccination status, defined as vaccinated two weeks after receiving the requisite number of doses of a COVID-19 vaccine approved or authorized for emergency use by the FDA.
Reasonable Accommodations are available, including, but not limited to, for disabled veterans, individuals with disabilities, and individuals with sincerely held religious beliefs, in all phases of the application and employment process. To request an accommodation please email firstname.lastname@example.org and we will be happy to assist. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations. Read more about non-discrimination: EEO is the law and Pay Transparency Statement.
Pay Range - There are multiple factors that are considered in determining final salary for a position, including, but not limited to, relevant work experience, skills, certifications and competencies that align to the specified role, geographic location, education and certifications as well as contract provisions regarding labor categories that are specific to the position. The salary range for Colorado is -
Nationwide Remote Office (US99)