**Type of Requisition:** Regular
**Clearance Level Must Be Able to Obtain:** None
**Public Trust/Other Required:** NACI (T1)
**Job Family:** Information Security
General Dynamics Information Technology (GDIT) is seeking a Senior Information Security Analyst who is innovative, dedicated, and highly motivated to solve challenging problems for our client, the Division of Federal Systems (DFS) for the Office of Child Support Enforcement (OCSE).
Our team provides program support to DFS OCSE to manage and monitor the development, implementation, operation, maintenance, technical support, and enhancement of the division’s systems and services. Federal Parent Locator Service (FPLS) information is, by statute, made available to child support agencies and a limited number of federal and state agencies. These secure systems and services help child support agencies, employers, insurers, and financial institutions exchange information about child support cases; locate parents; establish paternity, custody and visitation; collect support; and identify fraud.
THIS IS A REMOTE BASED ROLE; CANDIDATES MUST RESIDE IN THE UNITED STATES.
The ideal candidate enjoys the challenges and opportunities provided by a fast-paced, customer-oriented environment. If you want to work with a dynamic group of dedicated, technical professionals on a collaborative team that supports a critical mission, we encourage you to apply.
Performs all procedures necessary to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access or destruction. Monitor, evaluate, and maintain systems and procedures to safeguard internal information systems, network, databases, and Web-based security
+ Provide guidance to the design and development teams to ensure compliance with Federal mandates, OMB and NIST guidelines, Health and Human Services (HHS), Administration for Children and Families (ACF) and Federal Parent Locator Service (FPLS) security requirements.
+ Provide guidance to the design and development teams on security issues, and assist as needed in the development of security documentation for Security Authorization.
+ Serve as a Subject Matter Expert (SME) on application and network security topics as well as emerging security technologies.
+ Participate in routine and on-demand system and application vulnerability scanning, document findings and recommendations, and present analysis of results to stakeholders.
+ Participate in the continuous monitoring of FPLS systems and applications in support of the security authorization process through system development life cycle, risk assessments, vulnerability testing, inventory and configuration audits, technical and physical assessments, and development of security documentation.
+ Serve as one of the Security team’s representatives to the Data Access team to ensure data sharing and research partners adhere to FPLS security requirements.
+ Support the development and maintaining of security policies, procedures and required documentation for security compliance with Federal mandates, OMB and NIST guidelines, HHS/ACF and FPLS requirements.
+ Support the Office of Child Support Enforcement (OCSE) management, the ACF CISO, ACF Cyber Security Office, and HHS Chief Information Security Officer (CISO) to ensure FPLS compliance with ACF and HHS security requirements.
+ Assist the FPLS ISSO, FPLS ITSSO and Technical Manager to ensure that FPLS upholds all security requirements to maintain the ACF Authority to Operate.
+ Support the Security Team in responding to external audits conducted by the HHS Inspector General (IG), Internal Revenue Service (IRS) and other Federal agencies as required.
+ Document and track internal POAMs for DFS systems and applications
+ Assist in the development and delivery of Security Awareness Training as required.
+ Participate in conducting security site assessments on data matching partner sites and FPLS contractor sites.
+ Coordinate and assist customer on requisite System Security Plans (SSPs) in accordance with agency-established policies.
+ Assist in the gathering, analysis, and preservation of evidence used in the prosecution of computer crimes.
+ Assess security events to determine impact and implements corrective actions.
+ Participate in network and systems design to ensure implementation of appropriate systems security policies.
+ Collaborate with the security team to ensure the rigorous application of information security/information assurance policies, principles, and practices in the delivery of all IT services.
+ Develop and implement programs to ensure that systems, network, and data users are aware of, understand, and adhere to systems security policies and procedures.
+ Promote awareness of security issues among management and ensures sound security principles are reflected in organizations’ visions and goals.
+ Conduct research pertaining to the latest security vulnerabilities. and the latest technological advances in combating unauthorized access to information.
+ Support the client in publishing security alerts, advisories, and bulletins.
+ Conduct risk and vulnerability assessments of planned and installed information systems to identify vulnerabilities, risks, and protection needs.
+ Support systems security evaluations, audits, and reviews.
+ Develop systems security contingency plans and disaster recovery procedures.
+ Develop policies and procedures to ensure information systems reliability and accessibility and to prevent and defend against unauthorized access to systems, networks, and data.
+ Recommend technological and architectural upgrades/modifications to client's Information Systems Security architecture.
+ Provide input to incident response functions when appropriate and coordinates activities with site personnel when directed by the client organization.
+ May require travel to DC office for 1-2 meetings/year.
+ Sponsorship is not available for this role
**Required Skills and Experience:**
+ Exceptional written and verbal communication skills; a writing sample will be requested.
+ At least 2 years of professional work experience in a cybersecurity role.
+ Web application development knowledge
+ Demonstrated experience and understanding of Information Assurance in the following specialties: Internet and Intranet Applications and Authentication; and Physical, Personnel, Network, Computer, Information, Operational, Administrative, and Communications Security.
+ Experience handling multiple tasks simultaneously, and the ability to work independently in a high stress environment with an orientation towards customer service.
**Desired Skills and Experience:**
+ Security or IT certifications (e.g. CISSP, CISA, MCSE, C|EH,etc.) related to the security of web and portal developments.
+ Knowledge of FedRAMP and cloud computing
+ Knowledge of Network infrastructure and ability to analyze network diagrams
+ Knowledge of mainframe technologies (z/OS,DB2)
+ Knowledge of web application vulnerability scanning tools such as IBM AppScan
+ Knowledge of the Child Support Enforcement program and system operations.
+ Experience handling sensitive data sources and distribution of data containing personally identifiable information.
+ Mainframe processing knowledge a plus
COVID-19 Vaccination: GDIT does not have a vaccination mandate applicable to all employees. To protect the health and safety of its employees and to comply with customer requirements, however, GDIT may require employees in certain positions to be fully vaccinated against COVID-19. Vaccination requirements will depend on the status of the federal contractor mandate and customer site requirements.
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.