Journeyman Information Security Analyst

Delmock Technologies•Washington, DC

7h•Remote

About The Position

Delmock Technologies, Inc. (DTI), is a leading HUBZone business in Baltimore, known for delivering sophisticated IT (Information Technology) and Health solutions with a commitment to ethics, expertise , and superior service. Actively engaged in the local community, DTI creates opportunities for talented residents while maintaining a stellar reputation as an award-winning contractor, earning accolades like the Government Choice Award for IRS (Internal Revenue Service) Systems Modernizations. Location : This position is remote. Recently ranked as high as #3 among HUBZone Companies in a GOVWIN survey, DTI offers a dynamic environment for those passionate about impactful projects, community involvement, and contributing to top-ranking Federal and State Commissionaires project support team s . At DTI, we balance continuous growth and innovation with a strong dedication to corporate social responsibility. Join our talented team and be part of a company that values both professional excellence and community impact. Explore the exciting career opportunities awaiting you at DTI! DTI is committed to hiring and maintaining a diverse workforce. We are an equal opportunity employer making decisions without regard to race, color, religion, sex, national origin, age, veteran status, disability, or any other protected class .

Requirements

Active IRS MBI Clearance is required to be considered for this position.
Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or related field.
Security+ CE certification.
Five years of progressively responsible experience in information security, cyber risk management, or IT security operations.
Must include at least 3 years of hands-on experience in system security analysis, vulnerability management, or incident response within a Federal Information Systems Security or equivalent enterprise environment.

Nice To Haves

Higher-level certifications (e.g., CISSP, CISM, CEH, CAP) preferred and may substitute for additional years of experience.

Responsibilities

Implement and assess security controls in accordance with FISMA, FedRAMP, IRS IRM 10.8, and National Institute of Standards and Technology (NIST) SP 800-53 Moderate/High baselines.
Support RMF activities including control implementation, evidence collection, SSP updates, and POA&M development and tracking.
Perform vulnerability scanning, configuration compliance checks, and remediation validation in alignment with NIST SP 800-40 and SP 800-70 requirements.
Monitor and analyze audit logs and security events; ensure integration with enterprise logging systems (e.g., ESAT) for centralized analysis and reporting.
Validate implementation of encryption controls (data-at-rest and data-in-transit) meeting FIPS 140-2/140-3 standards and proper key management practices (NIST SP 800-57).
Support identity and access management controls including least privilege, role-based access, MFA enforcement, and privileged account monitoring (e.g., BEARS, PUMAS integration).
Assist with remediation of Known Exploited Vulnerabilities and compliance with Binding Operational Directives issued by the Cybersecurity and Infrastructure Security Agency (CISA).
Contribute to Zero Trust Architecture implementation efforts in accordance with NIST SP 800-207.
Support development of security documentation and artifacts including ISCPs, SRAs, SCAs, SBOM validation, and C-SCRM evidence collection.
Participate in audits, security assessments, incident response activities, and continuous monitoring reporting to ensure ongoing compliance.