Security Analyst

Description

About Our Company:

Join Delmock Technologies, Inc. (DTI), a leading HUBZone business in Baltimore, known for delivering sophisticated IT and Health solutions with a commitment to ethics, expertise, and superior service. Actively engaged in the local community, DTI creates opportunities for talented residents while maintaining a stellar reputation as an award-winning contractor, earning accolades like the Government Choice Award for IRS Systems Modernizations. Recently ranked as high as #3 among HUBZone Companies in a GOVWIN survey, DTI offers a dynamic environment for those passionate about impactful projects, community involvement, and contributing to a top-ranking Federal project support team.

At DTI, we balance continuous growth and innovation with a strong dedication to corporate social responsibility. Join our talented team and be part of a company that values both professional excellence and community impact. Explore the exciting career opportunities awaiting you at DTI!

DTI is committed to hiring and maintaining a diverse workforce. We are an equal opportunity employer making decisions without regard to race, color, religion, sex, national origin, age, veteran status, disability, or any other protected class.

Responsibilities:

• Bridges the gap between legacy development or operations teams and working toward a shared culture and vision
• Works to ensure that developers create the most secure systems in the world while enhancing the privacy of all system users
• Performing security audits, risk analysis, application-level vulnerability testing, and security code reviews
• Developing and implementing technical solutions to help mitigate security vulnerabilities
• Conducting research to identify new attack vectors
• Performing security audits, risk analysis, application-level vulnerability testing, and security code reviews
• Developing and implementing technical solutions to help mitigate security vulnerabilities
• Conducting research to identify new attack vectors
• Reviews and provides feedback for all Security Artifacts
• Provides schedule support for security activities
• Leads and coordinates environment scan activities
• Reviews, analyzes, and tracks all environment related scan outcomes and support the remediation of low/med/high security findings
• Supports security engineering and compliance transformation efforts as needed
• Supports enterprise continuous diagnostics mitigation (CDM) effort
• Reviews, analyzes, and tracks all code related scan outcomes and supports FDT's with remediation of low/med/high security findings
• Provides reporting on the status of code related security findings and the health of the application code base from a pre-launch security perspective
• Supports the Cyber Penetration Test and Code analysis team (PTCA) code submission process for final production code review
• Provides support to further improve the continuous security monitoring of the application code base
• Collaborates with code and environment scan tool owners regarding updates/fixes and identifies tool improvement opportunities
• Supports Cyber security assessment activities as needed
• Supports DevSecOps compliance and engineering activities
• Provides support and expertise in maintaining security-based compliance documents as agreed upon by the IRS
• Support Cyber security assessment activities
• Perform security audits, risk analysis, application-level vulnerability testing, and security code reviews
• Review and provide feedback to all Security ELC related artifacts
• Provide schedule support for security activities
• Collaborate with code and environment scan tool owners regarding updates/fixes and identifies tool improvement opportunities
• Review, analyze, and track all environment related scan outcomes and support the remediation of low/med/high security findings
• Report on the status of Security post deployment scan items and support the remediation of low/med/high security findings from post deployment scan activities *Report on the status of code related security findings and the health of the application code base from a pre-launch security perspective
• Support the Cyber Penetration Test and Code analysis team (PTCA)'s code submission process for final production code review
• Support DevSecOps compliance and engineering activities Develop and implement technical solutions to help mitigate security vulnerabilities
• Conduct research to identify new attack vectors
• Lead and coordinate environment scan activities
• Support enterprise continuous diagnostics mitigation (CDM) effort

Education, Degrees, and Certifications:

• Bachelor's degree in Computer Science, Information Technology, or a related field

Minimum Requirements:

• 5 years of experience serving as the security engineer of complex technology implementations in a product-centric environment.
• Experience with white hat hacking and fundamental computer science concepts strongly desired.

Preferred:

• Active IRS MBI Clearance

Location:

• This position is hybrid, based in Lanham, Maryland. Candidates must be local to Lanham, MD or willing to relocate.