Information Security Analyst Principal

About The Position

Requirements

• Bachelor’s Degree in IT Security, Computer Science, or a related technical discipline, and 10 years of related experience (or) Master's Degree and 8 years (or) PhD/Doctorate and 6 years of related experience.
• IT Security implementation and monitoring required.
• General knowledge of scientific processes, management structures, and technology programs/platform
• Familiarity with Agile Software Development Lifecycle (SDLC) Methodology
• Expert knowledge of data security administration principles, methods, and techniques.
• Familiarity with domain structures, user authentication, and digital signatures.
• Broad knowledge of security (IA) practices and tools is required
• Understanding of network configuration and monitoring.
• Understanding of federal security policies and procedures, including FIPS 199, FIPS 200, and NIST 800-53.
• Security certification such as a CISSP or CISA
• Requires the ability to pass an IHS background check in order to obtain an appropriate level Public Trust clearance.

Nice To Haves

• Familiarity with Electronic Healthcare technology and operations
• Familiarity with Source Code Control/Version Management software
• Knowledge of the VistA electronic health record or Resource Patient Management System (RPMS)
• Understanding of the Department of Health and Human Services (HHS) Enterprise Performance Life Cycle (EPLC)

Responsibilities

• Provide support for DHHS information security.
• Provide support for facilitating current security infrastructure and define future programs, design and implementation of fire-wall and other related security issues.
• Analyzes the information systems to ensure that appropriate security functions have been included in the systems design and architecture.
• Participates in IHS development processes by providing assistance to developer and conducting security impact assessments for development changes.
• Assists with implementation of counter-measures or mitigating controls.
• Provides guidance in the creation and maintenance of Standard Operating Procedures and other similar documentation including System Security Plans, Security Manuals, etc.
• Manage responses and/or remediation of POAMs related to government investment supported systems.
• Maintains current knowledge of relevant technology as assigned.
• Participates in special projects as required
• Stay informed as to current and emerging security requirements (e.g, zero trust, SBOM, etc.) and communicate impacts to the team.
• Be the conduit between the GDIT team and customer security organizations

Benefits

• Full-flex work week to own your priorities at work and at home, with core work hours Monday – Friday 9:00 AM ET – 3:00 PM ET.
• 401K with company match.
• Comprehensive health and wellness packages.
• Internal mobility team dedicated to helping you own your career.
• Professional growth opportunities including paid education and certifications.
• Cutting-edge technology you can learn from.
• Rest and recharge with paid vacation and holidays.
• Challenging work that makes a real impact on the world around you.
• Remote work.