Cyber Security Specialist
About The Position
ICF seeks a Computer Security System Specialist – Information Systems Security Officer (ISSO) to support a federal data and analytics program, focused on security compliance, system authorization, and continuous monitoring of enterprise data and analytics platforms. This role is responsible for maintaining the security posture of systems and applications, ensuring compliance with federal cybersecurity requirements, and supporting Authority to Operate (ATO) processes. The ISSO will work closely with infrastructure, development, and operations teams to identify risks, remediate vulnerabilities, and ensure secure system operations. This position is remote within the United States. ICF monitors employee work locations, blocks access from foreign locations/foreign IP addresses, and prohibits personal VPN connections.
Requirements
- U.S. Citizenship required due to federal contract requirements
- Ability to obtain and maintain a Public Trust clearance
- Candidate must have lived in the U.S. for three (3) full years out of the last five (5) years
- 3+ years of experience in information security, cybersecurity, or system security roles
- Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or a related field
- Cybersecurity certification required (e.g., CompTIA Security+, CISSP, or equivalent)
Nice To Haves
- Experience supporting DHS or other federal agencies
- 2+ years of experience supporting federal security frameworks (e.g., FISMA, NIST, or similar)
- 2+ years of experience supporting ATO processes, including documentation and continuous monitoring
- 2+ years of experience working with vulnerability management, security scanning tools, or remediation processes
- 2+ years of experience conducting risk assessments, security analysis, or compliance reviews
- 2+ years of experience supporting cloud or enterprise system security (AWS or similar environments)
- Current or recent Public Trust
- Experience with cloud security, identity and access management, or DevSecOps practices
- Understanding of data security, privacy, and governance in large-scale data environments
- Additional certifications in cloud security or information assurance
Responsibilities
- Support the security posture of enterprise systems and applications, ensuring compliance with federal security and privacy requirements.
- Develop, maintain, and update system security documentation, including System Security Plans (SSPs), POA&Ms, Privacy Threshold Assessments (PTAs), and related artifacts.
- Support Authority to Operate (ATO) processes, including security assessments, continuous monitoring, and authorization activities.
- Identify, track, and remediate security vulnerabilities and findings, ensuring timely resolution in accordance with DHS and federal standards.
- Support security scanning, vulnerability management tools, and remediation tracking across systems and environments.
- Collaborate with infrastructure, data, and development teams to ensure security is integrated into system design, deployment, and operations.
- Support audits and coordinate with security stakeholders to address findings and maintain compliance posture.
- Ensure compliance with data protection, privacy, and governance requirements for sensitive information.
- Maintain system security posture by supporting implementation of new security procedures and controls as required.
- Maintain and document security processes, configurations, and system changes.
Benefits
- The pay range for this position based on full-time employment is: $74,090.00 - $125,954.00 Nationwide
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
