ICF
Business Consulting & Services
See how your profile stacks up against this role.
We compared the job requirements to your profile to show where you're strong and where you fall short.
Please note: This role is contingent upon a contract award. While it is not an immediate opening, we are actively conducting interviews and extending offers in anticipation of the award.
ICF is seeking a Senior Cyber Security Specialist to support a secure federal ServiceNow program with multiple mission workstreams. This role is responsible for helping maintain the security posture of the platform and supporting the security activities that keep development, testing, release, and sustainment efforts aligned to federal cybersecurity requirements.
The ideal candidate is an experienced security professional who can work across infrastructure, application, data, and development teams to support vulnerability management, access control, system authorization, and continuous monitoring. You will help ensure security is built into the lifecycle of the solution, not added after the fact, while also supporting operational workflows, release readiness, and compliance tracking in a fast-paced Agile environment.
Job Location: Remote work is authorized. Must support US Eastern time zone working hours. Preference to candidates who live in the Washington DC metro area.
*If you accept this position, you should note that ICF does monitor employee work locations blocks access from foreign locations/foreign IP addresses and prohibits personal VPN connections.
What You Will Do
Support the security posture of enterprise ServiceNow systems and related applications
Assist with security governance, system authorization, and continuous monitoring activities
Develop, maintain, and update security documentation and artifacts such as SSPs, POA&Ms, risk registers, and related compliance materials
Support ATO efforts, security assessments, evidence gathering, and control validation
Track and remediate vulnerabilities, scan findings, and security issues through closure
Coordinate with developers, administrators, testers, and program stakeholders to ensure security findings are understood and addressed
Support access control reviews, role-based permissions, least-privilege practices, and secure user administration
Help evaluate security implications of workflow changes, data integrations, releases, and configuration updates
Support audit preparation, findings response, and ongoing compliance reporting
Monitor and document security process changes, configuration updates, and remediation actions
Contribute to secure release practices, including validation of fixes and scan remediation before deployment
Support incident and issue triage from a security perspective when needed
What You Must Have
Must be a U.S. citizen and possess an active Top Secret security clearance, as required by the federal contract
Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or a related field
6+ years of relevant experience in information security, cybersecurity, or system security roles
6+ years of experience supporting federal security frameworks such as FISMA, NIST RMF, or similar
What We Would Like You To Have
4+ years of experience supporting ATO processes, security documentation, and continuous monitoring
4+ years of experience with vulnerability management, security scanning tools, or remediation workflows
3+ years of experience conducting risk assessments, security analysis, or compliance reviews
3+ years of experience supporting cloud or enterprise system security
Experience supporting federal ServiceNow environments or other enterprise workflow platforms
Familiarity with RMF artifacts, ATO packages, POA&M tracking, and continuous monitoring programs
Experience with identity and access management, role governance, or least-privilege design
Experience supporting secure release practices, scan remediation, or DevSecOps workflows
Familiarity with vulnerability tools, static/dynamic analysis, or cloud security controls
Experience supporting audit response, corrective action tracking, or security governance meetings
Relevant cybersecurity certification such as Security+, CISSP, or equivalent
Professional Skills
Demonstrated ability to communicate security issues clearly to technical and non-technical stakeholders
Strong organizational skills and attention to detail for compliance tracking and evidence management
Working at ICF
ICF is a global advisory and technology services provider, but we’re not your typical consultants. We combine unmatched expertise with cutting-edge technology to help clients solve their most complex challenges, navigate change, and shape the future.We can only solve the world's toughest challenges by building a workplace that allows everyone to thrive. We are an equal opportunity employer. Together, our employees are empowered to share their expertise and collaborate with others to achieve personal and professional goals. For more information, please read our EEO policy.
We will consider for employment qualified applicants with arrest and conviction records.
Reasonable Accommodations are available, including, but not limited to, for disabled veterans, individuals with disabilities, and individuals with sincerely held religious beliefs, in all phases of the application and employment process. To request an accommodation, please email Candidateaccommodation@icf.com and we will be happy to assist. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.
Read more about workplace discrimination rights or our benefit offerings which are included in the Transparency in (Benefits) Coverage Act.
At ICF, we are committed to ensuring a fair interview process for all candidates based on their own skills and knowledge. As part of this commitment, the use of artificial intelligence (AI) tools to generate or assist with responses during interviews (whether in-person or virtual) is not permitted. This policy is in place to maintain the integrity and authenticity of the interview process.
However, we understand that some candidates may require accommodation that involves the use of AI. If such an accommodation is needed, candidates are instructed to contact us in advance at candidateaccommodation@icf.com. We are dedicated to providing the necessary support to ensure that all candidates have an equal opportunity to succeed.
Pay Range - There are multiple factors that are considered in determining final pay for a position, including, but not limited to, relevant work experience, skills, certifications and competencies that align to the specified role, geographic location, education and certifications as well as contract provisions regarding labor categories that are specific to the position.
The pay range for this position based on full-time employment is:
$89,649.00 - $152,404.00Nationwide Remote Office (US99)After you apply, unlock the direct contact details of the people who actually make the call. A quick follow-up makes you 5x more likely to land an interview.
Marcus Rivera
Chief Revenue Officer

ICF

Terma Group

NES Associates, LLC

Talan

Datacom

ICF

ICF

ICF