Software Security Engineer - Cloud/GovCloud Top Secret Clearance - ICF Consulting Group, Inc.

Key Responsibilities

• Design and implement security controls for mission‑critical applications deployed on AWS GovCloud and other cloud platforms.
• Integrate security testing (SAST, DAST, dependency scanning) into CI/CD pipelines to enable continuous compliance.
• Conduct threat modeling, risk assessments, and code reviews for Python and Java services.
• Collaborate with development and operations teams to embed DevSecOps practices and remediate vulnerabilities.
• Develop security guidelines, hardening scripts, and automation tools to improve the security posture of cloud workloads.

Requirements

• Top Secret (or higher) security clearance with eligibility to work on classified government projects.
• 5+ years of experience in software security engineering, preferably in federal or defense environments.
• Strong proficiency in Python and Java, and hands‑on experience securing cloud services on AWS GovCloud.
• Demonstrated expertise with DevSecOps tools (e.g., Jenkins, GitLab CI, Terraform) and automated security testing frameworks.
• Solid understanding of threat modeling methodologies, secure coding practices, and regulatory compliance (e.g., NIST, FedRAMP).