Software Developer, Journeyman

ICF is actively recruiting for an experienced Software Developer to support the research and development of new cyber analytic capabilities that will help the US protect and defend its networks and critical information systems. This role will support a large federal cyber security analytic program. Your work will contribute to the knowledge of how cyber-attacks work, how vulnerabilities are exploited, and the way hostile cyber actors operate. We are looking for individuals that want to analyze and understand data to identify anomalies. Utilize your skills to help experiment and prototype future cyber capabilities for implementation at large-scale.

As a Software Developer, you will work with our customers, program subject matter experts, and researchers to evolve, automate, and enhance cybersecurity capabilities. Additionally, you will provide software engineering development and support, as well as oversight for other personnel. This is an opportunity to contribute to an important project from its beginning, work with the latest and emerging technologies, and all while building a great career at ICF!

This role is primarily telework-based with occasional meetings at client locations (Arlington, VA or Pensacola, FL) or ICF facilities within the Washington DC metro area.

What You Will Be Doing:

Work closely with cyber personnel to understand manual analytic processes that are used to assist in the automation of those processes Create automated analytic capability sets (e.g., signature, behavioral, heuristic, anomalous, unsupervised-learning, predictive, and emerging) Develop new platforms to elicit operational effect Support the design, development, and deployment of production systems adhering to the Continuous Integration/Continuous Delivery (CI/CD) pipeline Post-deployment support of continuous analysis through the full lifecycle of the capabilities Perform functions associated with the analysis of information, refinement of analytics and countermeasure selection, reviewing output, and making upgrades/improvements to the performance of the analytics and countermeasures What You Must Have

Bachelor's or Master's degree in Computer Science or Software Development OR equivalent combination of education and relevant professional experience, with at least an additional 3 years of applicable experience. Position requires a minimum 1 year of Python Development experience Must have a minimum 1 year of professional development experience using AWS serverless architecture Demonstrated experience with federal cybersecurity requirements Experience with a variety of analytics (e.g., file, network, host-based, etc.) Active security clearance required as part of client contract requirements US Citizenship required as part of client contract requirements Preferred Qualifications:

Experience with developing applications running on Big Data platforms such as Hadoop/Cloudera or Spark, Power BI Interpersonal skills and the ability to communicate effectively with various clients in order to explain and elaborate on technical details Experience within some or all of these capability areas: Intrusion Detection, Analytics, Information Sharing, Intrusion Prevention, Core Infrastructure Practical experience with the Databricks Intelligence Platform Practical experience with Splunk to include Splunk Machine Learning (ML) Machine Learning fundamentals and/or prior experience supporting ML efforts from a developer perspective Experience with shell scripting using Bash, PowerShell, or equivalent Experience with network monitoring tools such as Wireshark, tcpdump, Zeek, SiLK, or YAF Experience within Cloud environments in or using technologies provided by AWS, Google, or Azure Experience with Linux operating system Experience with monitoring/diagnosing activity at the host, application, network, Internet protocol, database, source code, and LAN layers or other areas preferred Ability to prioritize and manage own workload Experience in analytics associated with analyzing databases, source code, hosts, middleware, application, Local Area Network (LAN), and Internet networks across Open System Interconnect (OSI) model Experience in developing real- or near real-time automation AWS certification (Developer, DevOps, and/or Application Architect, etc.) CompTIA Advanced Security Practitioner (CASP+) or higher certification level preferred