Job Description

Our Digital Modernization Division is an information technology and management consulting department that offers integrated, strategic solutions to its public and private-sector clients. ICF has the expertise, agility, and commitment to design, build, and operate high-performance IT engines to support all aspects of our client’s business.   

ICF is seeking an experienced and driven Software Security Engineer to lead and oversee mission-critical initiatives in support of the General Service Administration (GSA). In this role, you will help safeguard applications and cloud-based systems by integrating security best practices throughout the software development lifecycle. 

Job Location: Must be able to go on-site 5 days a week to the client's office in Washington, DC. Hybrid work flexibility may be available after the first 90 days

What You Will Do:

• Integrate security best practices throughout the software development lifecycle (SDLC) for applications and cloud environments

• Perform secure code reviews and vulnerability assessments using industry‑standard tools, including SAST, DAST, and SCA solutions

• Design, implement, and validate security controls within cloud environments such as AWS and AWS GovCloud

• Identify security weaknesses, prioritize risks, and support remediation efforts to ensure compliance with federal security requirements

• Support systems operating in regulated and high‑security environments

• Conduct research and provide recommendations on emerging security threats, tools, and best practices

• Collaborate with development, DevOps, and compliance teams to ensure secure system design and implementation

• Lead or guide teams in resolving compliance gaps and security findings under tight deadlines

What You Will Bring With You:

• Bachelor’s degree in Computer Science, Engineering, Information Systems, or related technical field

• Professional certifications: CISSP, CISM, CISA, Security+, or GIAC certifications

• 5 years experience with working on/around cloud platforms in AWS.  

• Must be able to obtain and maintain a Public Trust clearance. 

• MUST RESIDE IN THE United States (U.S.) and the work MUST BE PERFORMED in the United States (U.S.) as this work is for a federal contract, and laws do apply. 

What We Would Like You To Bring With You:

• Hands-on experience performing secure code reviews and vulnerability assessments using industry-standard tools (e.g., SAST, DAST, SCA).  

• Experience implementing security controls in cloud environments (e.g., AWS GovCloud or similar secure federal cloud environments).  

• Strong understanding of secure coding standards (e.g., OWASP, NIST, DoD STIGs).  

• Experience supporting systems within regulated or high-security environments.  

• Ability to self-organize, priorities and conduct research on multiple projects under tight deadlines in a fast-paced environment.  

• Experience supporting and maintaining CATO  

• Understanding of the GSA FedRamp process 

• Experience with NIST Cybersecurity Framework or similar security frameworks

• Ability to lead and direct teams to remediate compliance issues 

Working at ICF

ICF is a global advisory and technology services provider, but we’re not your typical consultants. We combine unmatched expertise with cutting-edge technology to help clients solve their most complex challenges, navigate change, and shape the future.

We can only solve the world's toughest challenges by building a workplace that allows everyone to thrive. We are an equal opportunity employerTogether, our employees are empowered to share theirexpertiseand collaborate with others to achieve personal and professional goals. For more information, please read our EEOpolicy.

We will consider for employment qualified applicants with arrest and conviction records.

Reasonable Accommodations are available, including, but not limited to, for disabled veterans, individuals with disabilities, and individuals withsincerely heldreligious beliefs, in all phases of the application and employment process. To requestan accommodation,please email Candidateaccommodation@icf.com and we will be happy toassist All information you provide will be kept confidential and will be used only to the extentrequiredto provide needed reasonable accommodations. 

Read more about workplace discrimination rightsor our benefit offerings which are included in the  Transparency in (Benefits) CoverageAct.

Candidate AI Usage Policy

At ICF, we are committed to ensuring a fair interview process for all candidates based on their own skills and knowledge. As part of this commitment, the use of artificial intelligence (AI) tools to generate orassistwith responses during interviews (whether in-person or virtual) is notpermitted This policy is in place tomaintainthe integrity and authenticity of the interview process. 

However, we understand that some candidates may require accommodation that involves the use of AI. Ifsuch anaccommodation is needed, candidates are instructed to contact us in advance at candidateaccommodation@icf.com Weare dedicated to providingthe necessary support to ensure that all candidates have an equal opportunity to succeed.  

Pay Range - There are multiple factors that are considered in determining final pay for a position, including, but not limited to, relevant work experience, skills, certifications and competencies that align to the specified role, geographic location, education and certifications as well as contract provisions regarding labor categories that are specific to the position.

The pay range for this position based on full-time employment is

$108,006.00 - $183,610.00DC Client Office (DC88)