ICF International seeks an experienced Software Developer to support the research and development of new cyber analytic capabilities that will help the US protect and defend its networks and critical information systems.
The successful cleared candidate will act as a Software Developer to support a large federal cyber security analytic program.
Your work will contribute to the knowledge of how cyber-attacks work, how vulnerabilities are exploited, and the way hostile cyber actors operate.
We are looking for individuals that want to analyze and understand data to identify anomalies.
Utilize your skills to help experiment and prototype future cyber capabilities for implementation at large-scale.
As the Software Developer, you will work with our customers, program subject matter experts, and researchers to evolve, automate, and enhance cybersecurity capabilities.
Additionally, you will provide software engineering development and support, as well as oversight for other personnel.
This is an opportunity to contribute to an important project from its beginning, work with the latest and emerging technologies, and all while building a great career at ICF!
This role is primarily telework-based with occasional meetings at client locations (Arlington, VA or Pensacola, FL) or ICF facilities within the National Capital Region.
What You Will Be Doing:
Work closely with cyber personnel to understand manual analytic processes that are used to assist in the automation of those processesCreate automated analytic capability sets (e.g., signature, behavioral, heuristic, anomalous, unsupervised-learning, predictive, and emerging)Develop new platforms to elicit operational effectSupport the design, development, and deployment of production systems adhering to the Continuous Integration/Continuous Delivery (CI/CD) pipelinePost-deployment support of continuous analysis through the full lifecycle of the capabilitiesPerform functions associated with the analysis of information, refinement of analytics and countermeasure selection, reviewing output, and making upgrades/improvements to the performance of the analytics and countermeasuresWhat You Must Have:
Active security clearance required as part of client contract requirementsUS Citizenship required as part of client contract requirementsBachelor’s or Master’s degree in Computer Science or Software DevelopmentMinimum 1 year of Python Development experienceMinimum 1 year of professional development experience using AWS serverless architectureFamiliarity with federal cybersecurity requirementsExperience with a variety of analytics (e.g., file, network, host-based, etc.)Ability to prioritize and manage own workloadPreferred Qualifications:
Experience with developing applications running on Big Data platforms such as Hadoop/Cloudera or Spark, Power BIInterpersonal skills and the ability to communicate effectively with various clients in order to explain and elaborate on technical detailsExperience within some or all of these capability areas: Intrusion Detection, Analytics, Information Sharing, Intrusion Prevention, Core InfrastructurePractical experience with the Databricks Intelligence Platform=Practical experience with Splunk to include Splunk Machine Learning (ML)Machine Learning fundamentals and/or prior experience supporting ML efforts from a developer perspectiveExperience with shell scripting using Bash, PowerShell, or equivalentExperience with network monitoring tools such as Wireshark, tcpdump, Zeek, SiLK, or YAFExperience within Cloud environments in or using technologies provided by AWS, Google, or AzureExperience with Linux operating systemExperience with monitoring/diagnosing activity at the host, application, network, Internet protocol, database, source code, and LAN layers or other areas preferredExperience in analytics associated with analyzing databases, source code, hosts, middleware, application, Local Area Network (LAN), and Internet networks across Open System Interconnect (OSI) modelExperience in developing real- or near real-time automationAWS certification (Developer, DevOps, and/or Application Architect, etc.)CompTIA Advanced Security Practitioner (CASP+) or higher certification level preferred