We are not a typical consulting firm and our people are not typical consultants.
Security Engineer
Location: United States
Posted: 22 hours ago
Salary: $98.6K - $167.6K / year
Seniority: Mid Level
Job Description
Security Engineer
ICF
Role Description

This role is contingent upon a contract award. ICF is looking for an enthusiastic Security Engineer to join our team and help with ensuring our environments and applications meet Federal Security Standards. If you are a Security Engineer interested in applying your expertise in Security Engineering in a consulting environment, then this may be the role for you.

This position requires that the job be performed in the United States. If you accept this position, you should note that ICF does monitor employee work locations and blocks access from foreign locations/foreign IP addresses, and also prohibits personal VPN connections.

Our core work hours are 10am - 4pm Eastern Time with the option to start earlier or work later depending on your time zone. However, please note our client is on the east coast and may sometimes start a meeting earlier than 10:00, which may require your participation. Travel for a conference or to another ICF location for collaboration may be required once a year.

Responsibilities

- Perform Static Application Security Testing (SAST) to identify potential vulnerabilities in the application code and infrastructure.
- Perform Dynamic Application Security Testing (DAST).
- Create and update threat models for FISMA systems.
- Assist and lead security incident response.
- Assist with documentation of System Security plan and Contingency Plans for related projects.
- Ensure security systems are up to date and create documentation and planning for all security-related information, including incident response and disaster recovery plans.
- Review policies and procedures for compliance with applicable standards, and identify areas of improvement for finding remediation.
- Interact with senior level management, including the ISSO.
- Use security assessment tools such as Nessus, Snyk, AWS GuardDuty and AWS Inspector.
- Apply a demonstrated understanding of cryptography to secure web applications and data at rest.
- Work with development teams to review and correct code written in higher level programming languages and scripts.
- Work with DevOps teams to securely harden Linux based machines and cloud infrastructure.

Qualifications

- Bachelor’s Degree.
- 5+ years of professional security engineering experience.
- Candidate must be able to obtain and maintain a Public Trust.
- Candidate must reside in the U.S., be authorized to work in the U.S., and all work must be performed in the U.S.
- Candidate must have lived in the U.S. for three (3) full years out of the last five (5) years.

What We Would Like You To Bring With You

- Hands-on experience that includes:
  - NIST 800‑53 security controls.
  - System hardening and implementation of DoD STIGs.
  - Leading incident response activities.
  - Data management and applied cryptography.
  - Cloud security and infrastructure (AWS, Azure, and/or GCP).
  - Awareness of OWASP Top Ten and CWE Top 25.
  - Linux command line usage (e.g., bash, sh, zsh).
  - Scripting in Python, Perl, or similar languages.
- Prior experience in consulting or healthcare is an advantage but not essential.
- Strong engineering background.
- Application architecture experience.
- Federal Government contracting work experience.
- One or more of the following certifications is preferred:
  - OSCP/OSCE/OWSE.
  - CISSP.
  - GPEN.
  - GXPN.
  - Security +.
  - CEH.

Professional Skills

- Good leadership and team-working skills.
- Highly effective analytical, problem-solving, and decision-making capabilities.
- Excellent communication and interpersonal skills to interface effectively at all levels of the business.
- Organized, detail-oriented and able to prioritize and multi-task.
- Ability to self-organize, prioritize and conduct work on multiple projects under tight deadlines in a fast-paced environment.
- Prior experience working remotely full-time.

Pay Range

The pay range for this position based on full-time employment is: $98,614.00 - $167,644.00.
More Security Engineer Jobs
• Support cybersecurity engineering for the pilot, including cloud security, RMF/ATO support, compliance documentation, and continuous monitoring.
• Secure AWS-based environments through identity and access management, encryption, logging, monitoring, network security, vulnerability management, and configuration hardening.
• Configure, monitor, and support AWS security services such as AWS Network Firewall, Security Hub, GuardDuty, CloudWatch, CloudTrail, Inspector, and related capabilities.
• Support security planning for an AWS Commercial Cloud environment with consideration for future migration to AWS GovCloud or another VA-approved hosting environment.
• Assist with ATO planning, control implementation, evidence collection, compliance reporting, and approval workflows.
• Work within eMASS, ServiceNow GRC, or similar risk management systems to support ATO artifacts, information assurance tasking, POA&M tracking, and security documentation.
• Develop and maintain SSPs, POA&Ms, SOPs, risk assessments, control narratives, security diagrams, and remediation plans.
• Support vulnerability assessments, DISA STIG hardening, configuration compliance reviews, remediation tracking, and audit readiness activities.
• Integrate security requirements into architecture, sprint planning, CI/CD processes, testing, and deployment readiness.
• Support security reviews for VIA platform capabilities, including data handling, access control, auditability, secure integration, and AI-enabled modernization workflows.
• Collaborate with technical and non-technical stakeholders to translate security requirements into practical engineering, documentation, and compliance actions.
Cyber Security SME
9th Way Insignia
Serving the federal government with courage, integrity, and excellence.
• Provide expert cybersecurity guidance across enterprise systems, cloud environments, applications, networks, and mission platforms.
• Lead the development and implementation of innovative cyber defense strategies that improve detection, prevention, response, and recovery capabilities.
• Assess current cyber defense posture and recommend practical, scalable improvements aligned with mission, business, and regulatory requirements.
• Design and support implementation of layered defense models, including Zero Trust, endpoint protection, identity-based security, network segmentation, encryption, threat monitoring, and secure cloud controls.
• Evaluate emerging cybersecurity technologies, tools, and methodologies to determine applicability, maturity, risk, and operational value.
• Support development of cybersecurity roadmaps, implementation plans, maturity models, and modernization strategies.
• Advise leadership on cyber risk, threat trends, security gaps, mitigation strategies, and investment priorities.
• Collaborate with technical teams, program managers, architects, engineers, system owners, and business stakeholders to integrate security into planning, development, operations, and sustainment activities.
• Support security assessments, risk assessments, authorization activities, audits, and compliance reviews.
• Provide expertise in federal cybersecurity frameworks and standards, including NIST, RMF, FISMA, FedRAMP, CMMC, CIS Controls, and Zero Trust guidance.
• Recommend automation, analytics, artificial intelligence, machine learning, and security orchestration approaches to improve cyber defense effectiveness.
• Support incident response planning, tabletop exercises, root cause analysis, and lessons-learned activities.
• Develop cybersecurity policies, procedures, playbooks, technical guidance, briefings, and executive-level decision materials.
• Mentor junior and mid-level cybersecurity staff and promote knowledge sharing across technical teams.
• Identify opportunities to reduce risk, improve efficiency, strengthen resilience, and advance the organization’s cyber maturity.
• This position may perform other duties as assigned. The responsibilities listed above are representative and not intended to be all-inclusive.
Cybersecurity Engineer – AI Risk and Governance
Vantage Data Centers
Experience | Scalability | Efficiency By Design
• Perform technical security testing and reviews of AI‑enabled applications, agents, and workflows
• Implement approved security architecture patterns for AI, ML, and LLM systems across cloud, hybrid, on‑prem, and OT‑adjacent environments
• Engineer secure inference paths, APIs, service identities, authentication flows, and segmentation boundaries aligned with least privilege and zero trust principles
• Implement technical safeguards to mitigate prompt injection, unauthorized context expansion, data leakage, hallucination risk, and unsafe output handling
• Configure and maintain controls for limiting, monitoring, logging, and managing AI usage across platforms, models, and agents
• Implement and validate technical controls supporting model explainability, traceability, and output validation where AI impacts operational, workforce, safety, or compliance decisions
• Review and validate LLM usage patterns, including prompt design, retrieval‑augmented generation (RAG), context window constraints, and output handling mechanisms
• Implement controls preventing unauthorized external model training, reuse, or retention of enterprise data by third‑party AI platforms
• Validate encryption, access logging, retention, and deletion controls for data ingested, processed, or generated by AI systems
• Execute AI‑specific threat modeling activities and contribute findings to enterprise and OT cybersecurity risk assessments
• Ensure AI systems produce security telemetry, logs, and audit trails sufficient to detect misuse, drift, policy violations, or anomalous behavior
• Integrate AI security signals into SOC, SIEM, and incident response tooling and workflows
• Support investigation and response to AI‑related incidents, including data exposure, model failure, unsafe outputs, or control breakdowns
• Conduct technical security reviews of vendor‑provided and embedded AI capabilities, assessing model behavior, data handling, and control alignment
• Enforce approved security requirements for AI vendors and prevent activation of AI features without required security validation and governance approval
• Drive alignment with ISO 42001 and related AI governance standards across applicable teams

• Triage, investigate, and respond to alerts across the SOC queue, hitting SLAs and following playbooks
• Lead incident investigations, gather evidence, correlate events, and coordinate containment and recovery
• Build and tune AI-assisted and agentic workflows across SIEM, SOAR, and EDR, including Claude via API
• Engineer detection content: rules, queries, and alert tuning mapped to MITRE ATT&CK
• Write and maintain SOAR playbooks and automation scripts that cut manual toil and accelerate response
• Hunt for threats proactively, forming and testing hypotheses against current adversary TTPs
• Maintain the SOC technology stack: integrations, health, and content engineering across all platforms
• Keep SOX and SOC 2 Type 2 audit-ready evidence: logging coverage, incident records, and procedures
• Partner with IT, Cloud, Risk, and Compliance to embed telemetry and surface findings clearly




