SUMMARY

DIGIT is seeking a SME FISMA Security Analyst to support the federal compliance and governance requirements for all systems supported by the Task Order.  The purpose of this role is to assist the DIGIT Director of Enterprise Security in the management and execution of GSA IT Enterprise Security Management and IT Continuity Management Services.

As a leading provider of advanced information technology solutions and professional services to U.S. federal government agencies, is the prime for a $807m task order in support of the General Services Administration (GSA) Office of Digital Infrastructure Technologies (IDT) DIGIT (Digital Innovation for GSA Infrastructure Technologies) task order driving digital transformation and delivering continuous improvement and business value to its customers.  The team is comprised of the best-in-class technology partners to leverage forward-leaning technologies and best practices to transform GSA’s IT capabilities and shift offerings to provide a more flexible service delivery model, completing the agency’s shift to a fully digital experience along with its adoption of advanced, emerging technologies such as intelligent automation, artificial intelligence, and machine learning.

RESPONSIBILITIES

This position shall perform the following (to include but not limited to) activities:

Provides technical support to divisions and branches developing security architecture and supporting design and implementation of information technology security systemsSupports research of new security products and services and supports the rollout of enterprise security solutions that leverage single Department-wide license agreements with new or existing vendors and service providersLeads developing, implementing, and maintaining enterprise-wide information security capabilitiesAnalyzes the enterprise business models and IT systems to determine security risks and risk management considerationsDefines enterprise- and system-level security requirementsProposes technical solutions for systems and applications-level security architecture and designDevelops security plans, policies and procedures
 

Qualifications
 
 CONTRACT REQUIRED QUALIFICATIONS

This following are REQUIRED for this position:

Ability to obtain a Public Trust Clearance and ITILv4 Foundation CertificationPossesses and applies a comprehensive knowledge across key tasks and high impact assignments.Functions as a security expert across multiple project assignments. Proven ability to work independently in a full and/or partial remote environment with limited supervision and may supervise/lead others.Possess the ability to communicate in both oral and written forms, demonstrating an ability to communicate effectively with all levels of staff as well as clients.Maintain standard working hours per the DIGIT contract and to be available for meetings, and other collaborative efforts during working hours.Demonstrated ability to apply comprehensive knowledge across key tasks and high impact assignments with the ability to use practical experience and training to determine how to accomplish tasks.

CONTRACT DESIRED QUALIFICATIONS

The following are DESIRED for this position:

CISSP, CISA, CISM, Security+ or other relevant security certificationsFamiliarity with CUI requirements for unclassified IT systems a plusMust have track record of competency in obtaining initial A&A and reauthorizationFamiliarity with Unclassified network administration, specifically with:Network infrastructure and security best practicesLocal Area Network administration and maintenance, including user control and VPN accessFirewallsMobile Device Management Identity and Authentication Services ManagementComfortable with Windows operating systemsWillingness and ability to independently take on a variety of IT Compliance tasksLinux operating systems experienceFamiliarity in the Google Suite (Gmail, Calendar, Chat, Meet, Docs, Slides, Sheets), Microsoft Office (Word, Excel, PowerPoint, Outlook), Slack, and ServiceNow.

EDUCATION AND EXPERIENCE

The following are the education and experience required for this position:

10 - 15 years of experience and bachelor's degree or equivalentMinimum 3-5 years direct experience with supporting FISMA and Financial Audit RequirementsMinimum 3-5 years of direct experience supporting cybersecurity compliance and implementing steps to mitigate threatsMinimum 3-5 years direct experience with continuous monitoring security expertise to business units and key stakeholdersMinimum 3-5 years of direct experience creating and delivering end user-related briefings, training, policy, and/or compliance updatesExperience as a remote worker demonstrating time management and self-discipline with cultural change management and Agile mindset.