ICF is a global advisory and technology services provider, and they are seeking an Associate Cyber Security Analyst to support the day-to-day operation of their information security program. This role involves monitoring, maintaining, and documenting security controls while collaborating with experienced analysts to identify and escalate security issues.
Responsibilities:
- Assist with monitoring, maintaining, and documenting security controls and technologies, including endpoint protection, access controls, vulnerability management, and security event monitoring
- Help identify, document, and escalate security issues, support routine security operations, and contribute to security assessments and reporting
- Provide hands-on exposure to and guidance with incident response, compliance activities, and security tooling while developing technical and professional cybersecurity skills in a structured, supportive environment
- Collaborate with technical and business stakeholders to support vulnerability remediation and security event response
- Learn, follow, and document common security processes under guidance from senior team members
- Assist with security request and incident ticket intake, triage, and escalation
- Support the collection and creation of artifacts for audit and compliance activities
- Analyze security log data to identify emerging or unusual patterns
- Review and help validate vulnerability findings using established processes
- Assist with the operation of infrastructure and application vulnerability scanning tools
- Research and test emerging threats, vulnerabilities, and security techniques
- Assist in modifying or proposing security alerts for events of interest
- Participate in on-call rotations as part of a team, with guidance and escalation support
- Assist with disaster recovery and incident response testing and exercises
Requirements:
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field or equivalent practical experience
- Detail‑oriented with a strong analytical mindset and a willingness to learn
- Ability to clearly document work and communicate effectively in writing and verbally
- Working knowledge of Windows, macOS, and/or Linux operating systems
- Foundational understanding of networking concepts, including the OSI model, TCP/IP, routing, and switching
- Familiarity with scripting or query languages such as PowerShell, Python, Java, or SQL
- 1–2 years of general technology experience (including internships, academic projects, or relevant hands‑on work)
- Foundational knowledge of information security principles, common security practices, and log monitoring/analysis concepts
- Familiarity with cloud platforms (Azure and/or AWS) and common security tools through coursework, labs, or hands‑on experience (e.g., vulnerability scanners, network analysis tools, penetration testing frameworks)
- Exposure to security monitoring and incident response fundamentals, including network traffic analysis
- Basic scripting or automation experience (e.g., simple scripts or academic projects)
- Awareness of emerging technologies, including the use of generative or agentic AI in security contexts
- Strong interest in learning and developing cybersecurity skills
- Ability to manage multiple tasks, adapt to changing priorities, and operate effectively in time‑sensitive situations
- Demonstrated professionalism and discretion in handling sensitive information
- Flexibility to support extended hours or incident response activities, as needed
- Entry‑level cybersecurity certifications (e.g., CompTIA Security+ or equivalent) a plus