Cyber Security Analyst- Remote

About the position ICF is seeking a Cyber Security Analyst that is involved in the testing, implementation and operation of secure state-of-the-art internet-facing services, systems, networks, and database products in both hosted and cloud environments. Conducts risk assessments and provides recommendations for system and application design. Participates in a wide range of security activities including event correlation, alerting, vulnerability management, access management, incident response, troubleshooting, infrastructure management, audit support and more. Analyses are performed through all stages of the system lifecycle, including: concept, design, build, test, integration, operation, maintenance and disposal. Provides analysis, evaluations, and recommendations to improve system consistency, efficiency, and effectiveness. Helps ensure solution requirements meet timing, technical, and financial constraints. Integrates new features into existing solutions, provides analysis to evaluate existing systems against future needs and trends. Uses advanced forensic tools and techniques for investigation and attack reconstruction. Provides recommendations for enhancements to systems, testing and processes. Interacts with other internal groups and external entities including customers, law enforcement, and intelligence/government agencies. Performance Objectives: Technical Work Operation of infrastructure and application vulnerability detection systems Review and validation of vulnerability findings Analyze log data for emerging or unusual patterns Modify, create, or propose alerts for events of interest Work with stakeholders to resolve vulnerabilities and respond to events Help monitor common channels for priority communications Ensure systems meet documented standards Assist with obtaining or creating artifacts for audit and compliance Request and incident ticket intake and escalation Learn and document common processes with senior resources Participate in on-call rotation Assist with disaster recovery and incident response testing and processes Research and test emerging threats Responsibilities • Operation of infrastructure and application vulnerability detection systems • Review and validation of vulnerability findings • Analyze log data for emerging or unusual patterns • Modify, create, or propose alerts for events of interest • Work with stakeholders to resolve vulnerabilities and respond to events • Help monitor common channels for priority communications • Ensure systems meet documented standards • Assist with obtaining or creating artifacts for audit and compliance • Request and incident ticket intake and escalation • Learn and document common processes with senior resources • Participate in on-call rotation • Assist with disaster recovery and incident response testing and processes • Research and test emerging threats Requirements • 3+ years general technology experience • 1+ year of general security experience • 1+ year of experience with basic information security practices (ie Least Privilege, Zero Trust, OWASP Top 10, control frameworks) • Ability to travel 1-2 times a year Nice-to-haves • Azure and/or AWS cloud familiarity and experience is highly desirable • Scripting and automation experience is a plus • CompTIA Security+, CEH, GIAC, or equivalent certification • Experience using commercial and open source security software such as Nmap, Nessus, Wireshark, Rapid7, WebInspect, Metasploit Framework, Kali Linux, etc. • Experience with log monitoring, analysis, and correlation • Experience performing enterprise incident monitoring, response, and analysis • Familiarity with generative and agentic AI machine learning algorithms, data preprocessing, and model deployment • Ethical hacking experience • Strong desire for growth and development of security skills • Excellent verbal and written communication skills • Strong ability to multi-task, react, and think quickly • Ability to maintain a high level of confidentiality • Must be flexible enough to work overtime when needed