Cyber Compliance Lead

Please note: This role is contingent upon a contract award. While it is not an immediate opening, we are actively conducting interviews and extending offers in anticipation of the award.

We are seeking a Cyber Compliance Lead to oversee compliance, risk management, and governance activities in support of a federal government program. The ideal candidate will serve as the primary point of contact for ensuring that all systems, processes, and documentation meet federal cybersecurity requirements, including NIST, FedRAMP, FISMA, and agency-specific standards.

Job Location: Remote work is authorized. Must support US Eastern time zone working hours.

*If you accept this position, you should note that ICF does monitor employee work locations, blocks access from foreign locations/foreign IP addresses, and prohibits personal VPN connections.

What You Will Do:

• Lead the development, implementation, and maintenance of cybersecurity compliance frameworks for federal systems.
• Ensure compliance with federal requirements (NIST RMF, FISMA, FedRAMP, CMMC, agency directives, etc.).
• Manage and oversee Authority to Operate (ATO) processes, including preparation of documentation (SSPs, SARs, POA&Ms, etc.).
• Conduct internal audits, security control assessments, and continuous monitoring activities.
• Provide guidance to technical and program teams on compliance obligations, risks, and remediation strategies.
• Collaborate with government stakeholders, system owners, and contractors to resolve compliance issues.
• Track and report compliance status, risks, and mitigation plans to leadership.
• Serve as subject matter expert on evolving federal cybersecurity policy, standards, and regulations.

What You Will Bring With You:

• U.S. Citizenship or a Green Card is required due to federal contract requirements and ability to obtain a Public Trust clearance.
• Candidate must reside in the U.S., be authorized to work in the U.S., and all work must be performed in the U.S.
• Candidate must have lived in the U.S. for three (3) full years out of the last five (5) years.
• Bachelor's degree in Cybersecurity, Information Technology, or related field.
• Requires 7+ years of compliance/security experience, including ATO support, secure SDLC practices under EO 14028, supply chain attestation, and FedRAMP inheritance.

What We Would Like You To Bring With You:

• Master’s degree preferred.
• Strong knowledge of NIST Risk Management Framework (RMF), FedRAMP, FISMA, CMMC, and related federal cybersecurity requirements.
• Hands-on experience with compliance tools, continuous monitoring, and vulnerability management solutions.
• Prior experience leading ATO processes and working with federal authorizing officials.

Professional Skills:

• Highly effective analytical, influential, problem-solving, and decision-making capabilities.
• Excellent communication and interpersonal skills to interface effectively at all levels of the business.
• Organized, detailed-oriented, and able to prioritize and multi-task.

Working at ICF

ICF is a global advisory and technology services provider, but we’re not your typical consultants. We combine unmatched expertise with cutting-edge technology to help clients solve their most complex challenges, navigate change, and shape the future.

We are an equal opportunity employer. Together, our employees are empowered to share their expertise and collaborate with others to achieve personal and professional goals.

We will consider for employment qualified applicants with arrest and conviction records.

Reasonable Accommodations are available, including, but not limited to, for disabled veterans, individuals with disabilities, and individuals with sincerely held religious beliefs, in all phases of the application and employment process.

Candidate AI Usage Policy

At ICF, we are committed to ensuring a fair interview process for all candidates based on their own skills and knowledge. As part of this commitment, the use of artificial intelligence (AI) tools to generate or assist with responses during interviews (whether in-person or virtual) is not permitted.

Pay Range - There are multiple factors that are considered in determining final pay for a position, including, but not limited to, relevant work experience, skills, certifications, and competencies that align to the specified role, geographic location, education, and certifications as well as contract provisions regarding labor categories that are specific to the position.

The pay range for this position based on full-time employment is: $130,603.00 - $222,024.00 Nationwide Remote Office (US99)