Threat Detection & Response Engineer, Senior (Security Clearance Required)

ICF is actively recruiting for an experienced and cleared Senior Threat Detection & Response Engineer to support the research and development of new cyber analytic capabilities that will help the US protect and defend its networks and critical information systems. The successful cleared candidate will act as a Senior Threat Detection & Response Engineer to support a large federal cyber security analytic program. Your work will contribute to the knowledge of how cyber-attacks work, how vulnerabilities are exploited, and the way hostile cyber actors operate. Utilize your skills to help experiment and prototype future cyber capabilities for implementation at large-scale.

As the Senior Threat Detection & Response Engineer, you will work as the overall responsible person for the design and development of countermeasures capabilities. This is an opportunity to contribute to an important project from its beginning, work with the latest and emerging technologies, and all while building a great career at ICF!

The ideal candidate has a strong background in cybersecurity detection and countermeasures with proficiency in dashboard technologies including an ability to translate mission requirements. You are focused on results, a self-starter, and have demonstrated success for using analytics to drive the understanding, growth, and success of the analysis. This is an opportunity to contribute to an important project from its beginning, work with the latest and emerging technologies, and all while building a great career at ICF!

This role is primarily telework-based with occasional meetings at client locations (Arlington, VA or Pensacola, FL) or ICF facilities within the Washington, DC metro area.

What You Will Be Doing:

• Oversee the design of the operational effects as described by the Government
• Evaluate alternatives and provide well-informed recommendations on technical options for design and development
• Translate mission requirements into a variety of software products, evolutionary prototypes, and advanced countermeasure capabilities
• Identify optimal methods for aggregating, storing, correlating, and visually depicting various types of data
• Advise on data preparation, implementation of techniques, visualizations, and employment of analytics developed by ICF and customer partners
• Assess current use of cyber tools by analysts and assess whether efficiencies can be made via alternate use of current or adoption of alternate tools
• Problem-solve by identifying potential tools/processes to support needs by capturing areas of improvement that can be translated into functional requirements for future planning
• Identify areas of technical training gaps and proposed approaches to methods (hands on, online modules, etc.) to improve the use of tools and data in support of the cybersecurity mission.
• Participate in post-engagement review
• Effectively communicate with leadership to ensure awareness of progress and/or challenges

What You Must Have:

• Active US government issued security clearance required
• ship required as part of client contract requirements
• Bachelor's degree with 12+ or Master's degree with 10+ years of experience in IT, Cyber, Engineering, or a related field
• Working knowledge of open-source distributed massively parallel processing databases such as GreenPlum and open-source big data technologies such as Apache Hadoop, Apache Kafka, etc.
• 5 or more years of implementing custom and high-impact security platforms in critical program areas.

• Position requires at least 5 years of advanced cyber threats, tools, techniques, and processes (e.g., Threat Hunt, Incident Response, Investigations, Technical Reporting, etc.)

• Must have at least 5 years of experience using network security analysis/IDS tools
• A minimum of 5 years of experience analyzing packet capture and NetFlow data with an understanding of current cyber threats and trend derived from multiple sources (e.g., open-source, intelligence products, etc.)
• 5 or more years of experience with different types of Malware including detection methods, attack vectors, and vulnerabilities used
• Experience with query languages (e.g., SQL, KQL, etc.)
• Hands on experience developing advanced dashboards (e.g., Kibana, Splunk, etc.) is required

• Experience with different cybersecurity frameworks and knowledge bases to identify tactics, techniques, and procedures of known actors
• Must have a solid understanding of mathematics behind machine learning algorithms

Preferred Qualifications:

• Interpersonal skills and the ability to communicate effectively with various clients in order to explain and elaborate on technical details
• Practical experience with different scripting languages (e.g., Python, JavaScript, etc.)
• Practical experience with the Databricks Intelligence Platform
• Experience with system vulnerability management
• Knowledge of Linux/Unix and Windows operating systems security
• Knowledge of computer programming and scripting languages
• Scaled Agile Framework (SAFe) experience
• (ISC)2 Certified Information Systems Security Professional (CISSP) certification desired

#ICFNS

Working at ICF
ICF is a global advisory and technology services provider, but we're not your typical consultants. We combine unmatched expertise with cutting-edge technology to help clients solve their most complex challenges, navigate change, and shape the future.

We can only solve the world's toughest challenges by building a workplace that allows everyone to thrive. We are an equal opportunity employer. Together, our employees are empowered to share their expertise and collaborate with others to achieve personal and professional goals. For more information, please read our EEO policy.

We will consider for employment qualified applicants with arrest and conviction records.

Reasonable Accommodations are available, including, but not limited to, for disabled veterans, individuals with disabilities, and individuals with sincerely held religious beliefs, in all phases of the application and employment process. To request an accommodation, please email and we will be happy to assist. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.

Read more about workplace discrimination rights or our benefit offerings which are included in the Transparency in (Benefits) Coverage Act.

Candidate AI Usage Policy

At ICF, we are committed to ensuring a fair interview process for all candidates based on their own skills and knowledge. As part of this commitment, the use of artificial intelligence (AI) tools to generate or assist with responses during interviews (whether in-person or virtual) is not permitted. This policy is in place to maintain the integrity and authenticity of the interview process.

However, we understand that some candidates may require accommodation that involves the use of AI. If such an accommodation is needed, candidates are instructed to contact us in advance at We are dedicated to providing the necessary support to ensure that all candidates have an equal opportunity to succeed.

Pay Range - There are multiple factors that are considered in determining final pay for a position, including, but not limited to, relevant work experience, skills, certifications and competencies that align to the specified role, geographic location, education and certifications as well as contract provisions regarding labor categories that are specific to the position.

The pay range for this position based on full-time employment is:
$119,323.00 - $202,850.00

Virginia Client Office (VA88)