ICF
Cyber Analysis Lead - Security Clearance Required (Future Need)
ICF, Alexandria, Virginia, us, 22350
Cyber Analysis Lead
ICF is seeking an experienced Cyber Analysis Lead to support a Defense Human Resources Activity (DHRA) cybersecurity program. In this role, you will lead a team of cyber analysts responsible for threat analysis, vulnerability assessments, and security monitoring across multiple DHRA systems. The Cyber Analysis Lead develops and implements advanced cyber defense strategies, mentors analysts in tradecraft and tool usage, and delivers actionable risk-reduction recommendations to improve the agency's security posture. Work will be performed on-site in Seaside, CA or Alexandria, VA. What You'll Do Lead and direct cybersecurity analysts performing threat detection, analysis, and incident triage across DHRA networks and systems. Develop and maintain enterprise security monitoring strategies, procedures, and data analytics to detect anomalies and emerging threats. Oversee daily and strategic cyber defense operations, ensuring alignment with DoD and DHRA cybersecurity policies. Guide vulnerability assessment and management activities, including scanning, prioritization, remediation tracking, and reporting. Mentor and train analysts on cybersecurity tools, threat intelligence integration, and analytic methodologies. Correlate threat intelligence, vulnerability data, and incident information to provide risk-based recommendations to leadership. Collaborate with SOC, RMF, and IT Operations teams to ensure coordinated defense-in-depth and response readiness. Prepare analytic reports and dashboards summarizing trends, key metrics, and security posture improvements. Support cyber exercises, tabletop reviews, and after-action analyses to strengthen monitoring and incident response processes. Continuously evaluate and recommend new technologies, tools, and processes to enhance analytic capabilities. Required Qualifications Bachelor's degree in a technical discipline (or related field). A minimum 10 years of progressively responsible experience in cybersecurity operations, threat analysis, or incident response roles. Demonstrated ability to lead cyber defense or analysis teams in a DoD or Federal environment. Experience with SIEM platforms, network monitoring tools, and vulnerability management systems. Proficiency in interpreting MITRE ATT&CK, STIGs, and DoD cyber threat frameworks. An active US Government issued security clearance. Due to contract requirements, US citizenship is required. A current certification is required in at least one of the following: CISSP CASP Elastic/Splunk certifications Desired Qualifications Master's degree in cybersecurity, computer science, or information systems. Experience supporting DoD Cyber Operations Centers or mission partner environments. Hands-on experience with Splunk, Elastic, Tenable, or comparable SIEM and vulnerability platforms. Strong understanding of NIST 800-53, DoD Cloud SRG, and threat-hunting methodologies. Experience integrating cyber threat intelligence feeds into operational workflows. Excellent analytical, communication, and leadership skills, with the ability to brief senior stakeholders on complex threats and mitigations.
ICF is seeking an experienced Cyber Analysis Lead to support a Defense Human Resources Activity (DHRA) cybersecurity program. In this role, you will lead a team of cyber analysts responsible for threat analysis, vulnerability assessments, and security monitoring across multiple DHRA systems. The Cyber Analysis Lead develops and implements advanced cyber defense strategies, mentors analysts in tradecraft and tool usage, and delivers actionable risk-reduction recommendations to improve the agency's security posture. Work will be performed on-site in Seaside, CA or Alexandria, VA. What You'll Do Lead and direct cybersecurity analysts performing threat detection, analysis, and incident triage across DHRA networks and systems. Develop and maintain enterprise security monitoring strategies, procedures, and data analytics to detect anomalies and emerging threats. Oversee daily and strategic cyber defense operations, ensuring alignment with DoD and DHRA cybersecurity policies. Guide vulnerability assessment and management activities, including scanning, prioritization, remediation tracking, and reporting. Mentor and train analysts on cybersecurity tools, threat intelligence integration, and analytic methodologies. Correlate threat intelligence, vulnerability data, and incident information to provide risk-based recommendations to leadership. Collaborate with SOC, RMF, and IT Operations teams to ensure coordinated defense-in-depth and response readiness. Prepare analytic reports and dashboards summarizing trends, key metrics, and security posture improvements. Support cyber exercises, tabletop reviews, and after-action analyses to strengthen monitoring and incident response processes. Continuously evaluate and recommend new technologies, tools, and processes to enhance analytic capabilities. Required Qualifications Bachelor's degree in a technical discipline (or related field). A minimum 10 years of progressively responsible experience in cybersecurity operations, threat analysis, or incident response roles. Demonstrated ability to lead cyber defense or analysis teams in a DoD or Federal environment. Experience with SIEM platforms, network monitoring tools, and vulnerability management systems. Proficiency in interpreting MITRE ATT&CK, STIGs, and DoD cyber threat frameworks. An active US Government issued security clearance. Due to contract requirements, US citizenship is required. A current certification is required in at least one of the following: CISSP CASP Elastic/Splunk certifications Desired Qualifications Master's degree in cybersecurity, computer science, or information systems. Experience supporting DoD Cyber Operations Centers or mission partner environments. Hands-on experience with Splunk, Elastic, Tenable, or comparable SIEM and vulnerability platforms. Strong understanding of NIST 800-53, DoD Cloud SRG, and threat-hunting methodologies. Experience integrating cyber threat intelligence feeds into operational workflows. Excellent analytical, communication, and leadership skills, with the ability to brief senior stakeholders on complex threats and mitigations.