Senior Security & Compliance Analyst

Type of Requisition: Regular Clearance Level Must Currently Possess: None Clearance Level Must Be Able to Obtain: None Suitability: No Suitability Required Public Trust/Other Required: None Job Family: Information Security Job Qualifications: Skills: Information Technology Security, Security Compliance, Security Policies Certifications: Experience: 10 years of related experience US Citizenship Required: No Job Description: Senior Security & Compliance Analyst Deliver solutions to complex problems as a Senior Information Security & Compliance Analyst at GDIT. Your work will have you fully immersed in our client’s domain in order to deliver solutions for their complex needs. At GDIT, you’ll prioritize the client while we prioritize your career. At GDIT, people are our differentiator. You will join our team in partnership with New York State of Health (NYSoH) to provide comprehensive health coverage to more than 6.7 million New Yorkers through its Health Benefit Exchange (HBE) HOW YOU’LL MAKE AN IMPACT: You’ll join our talented Program Security Compliance & Privacy Team and provide key support to protect critical information systems and customer data with a focus on IT security compliance and information assurance controls. Analyze security, compliance and privacy requirements, system data, policy and documentation to ensure adherence to various corporate and regulatory frameworks. Provide information assurance project management, technical security staff support, and development of mission-critical technical documents Support continuous improvement efforts designed to make security a core part of all program systems. Perform security impact assessments on new and modified technologies. Serve as team or task lead, and backup to the program ISSO WHAT YOU’LL NEED TO SUCCEED: Education: Bachelor’s degree in Computer Science, Management Information Systems, or IT Security. Experience: Ten (10) years of intensive and progressive experience in information technology as applied to security, compliance and privacy controls. Five (5) years program compliance experience interpreting information assurance controls adherence to regulatory frameworks and communicating the requirements to technical teams; demonstrating controls adherence for audits; conducting investigations of information systems security violations and incidents; recommending information assurance engineering standards, implementation dependencies, and changing information assurance related technologies; drafting and modifying security policies and procedures; conducting system audits and vulnerability assessments. Proven experience in security impact assessments across various technologies (networking, database, operating systems, and application code, software, and cloud services) to identify any adverse impact to the protective controls. Demonstrated understanding of network protocols, DNS, AD, PKI, and DNS, as they relate to security. Knowledge of cybersecurity principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, and non-repudiation). Skills: Demonstrated ability to work independently and meet delivery targets of compliance filings. Ability to communicate clearly and effectively, often to senior leadership, clients and external partners. Demonstrate ownership/responsibility in driving the security of the systems to high standards. Responsive, adaptive to a complex changing environment. Excellent analytical and multitasking skills. Strong attention to detail in diagnosing problems and ensuring solutions address the issues. Continual drive to learn and improve. Innately organized and exceptionally detail oriented and able to task switch and work on multiple tasks. Ability to work accurately under pressure and prioritize time to meet all deadlines.   Strong collaboration skills with ability to reach sound solutions in an effective manner. Handle demanding situations with clarity, focus and professionalism, and respond to quick turnaround tasks Resolve issues with little oversight; ability to gather and analyze information skillfully and develop alternative solutions. Are self-motivated and well-organized. Scheduled Weekly Hours: 40 Travel Required: None Telecommuting Options: Hybrid Work Location: USA NY Rensselaer Additional Work Locations: COVID-19 Vaccination: GDIT does not have a vaccination mandate applicable to all employees. To protect the health and safety of its employees and to comply with customer requirements, however, GDIT may require employees in certain positions to be fully vaccinated against COVID-19. Vaccination requirements will depend on the status of the federal contractor mandate and customer site requirements. We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done. GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class. Join our 30,000 everyday heroes. We connect people with the most impactful client missions, creating an unparalleled work experience that allows them to see their impact every day. We create opportunities for our people to lead and learn simultaneously. From securing our nation’s most sensitive systems, to enabling digital transformation and cloud adoption, our people are the ones who make change real. For more information about GDIT's Privacy Policy, click here: https://www.gdit.com/privacy-policy/notices/