FISMA Security Analyst (SME level)

Empower AI is AI for government. Empower AI gives federal agency leaders the tools to elevate the potential of their workforce with a direct path for meaningful transformation. Headquartered in Reston, Va., Empower AI leverages three decades of experience solving complex challenges in Health, Defense, and Civilian missions. Our proven Empower AI Platform® provides a practical, sustainable path for clients to achieve transformation that is true to who they are, what they do, how they work, with the resources they have. The result is a government workforce that is exponentially more creative and productive. For more information, visit www.Empower.ai.

Empower AI is proud to be recognized as a 2024 Military Friendly Employer by Viqtory, the publisher of G.I. Jobs. This designation reflects the company’s commitment to hiring and supporting active-duty and veteran employees.

DIGIT is seeking a SME FISMA Security Analyst to support the federal compliance and governance requirements for all systems supported by the Task Order.  The purpose of this role is to assist the DIGIT Director of Enterprise Security in the management and execution of GSA IT Enterprise Security Management and IT Continuity Management Services.

As a leading provider of advanced information technology solutions and professional services to U.S. federal government agencies, is the prime for a $807m task order in support of the General Services Administration (GSA) Office of Digital Infrastructure Technologies (IDT) DIGIT (Digital Innovation for GSA Infrastructure Technologies) task order driving digital transformation and delivering continuous improvement and business value to its customers.  The team is comprised of the best-in-class technology partners to leverage forward-leaning technologies and best practices to transform GSA’s IT capabilities and shift offerings to provide a more flexible service delivery model, completing the agency’s shift to a fully digital experience along with its adoption of advanced, emerging technologies such as intelligent automation, artificial intelligence, and machine learning.

RESPONSIBILITIES

This position shall perform the following (to include but not limited to) activities:

• Provides technical support to divisions and branches developing security architecture and supporting design and implementation of information technology security systems
• Supports research of new security products and services and supports the rollout of enterprise security solutions that leverage single Department-wide license agreements with new or existing vendors and service providers
• Leads developing, implementing, and maintaining enterprise-wide information security capabilities
• Analyzes the enterprise business models and IT systems to determine security risks and risk management considerations
• Defines enterprise- and system-level security requirements
• Proposes technical solutions for systems and applications-level security architecture and design
• Develops security plans, policies and procedures

CONTRACT REQUIRED QUALIFICATIONS

This following are REQUIRED for this position:

• Ability to obtain a Public Trust Clearance and ITILv4 Foundation Certification
• Possesses and applies a comprehensive knowledge across key tasks and high impact assignments.
• Functions as a security expert across multiple project assignments. 
• Proven ability to work independently in a full and/or partial remote environment with limited supervision and may supervise/lead others.
• Possess the ability to communicate in both oral and written forms, demonstrating an ability to communicate effectively with all levels of staff as well as clients.
• Maintain standard working hours per the DIGIT contract and to be available for meetings, and other collaborative efforts during working hours.
• Demonstrated ability to apply comprehensive knowledge across key tasks and high impact assignments with the ability to use practical experience and training to determine how to accomplish tasks.

CONTRACT DESIRED QUALIFICATIONS

The following are DESIRED for this position:

• CISSP, CISA, CISM, Security+ or other relevant security certifications
• Familiarity with CUI requirements for unclassified IT systems a plus
• Must have track record of competency in obtaining initial A&A and reauthorization
• Familiarity with Unclassified network administration, specifically with:
• Network infrastructure and security best practices
• Local Area Network administration and maintenance, including user control and VPN access
• Firewalls
• Mobile Device Management 
• Identity and Authentication Services Management
• Comfortable with Windows operating systems
• Willingness and ability to independently take on a variety of IT Compliance tasks
• Linux operating systems experience
• Familiarity in the Google Suite (Gmail, Calendar, Chat, Meet, Docs, Slides, Sheets), Microsoft Office (Word, Excel, PowerPoint, Outlook), Slack, and ServiceNow.

EDUCATION AND EXPERIENCE

The following are the education and experience required for this position:

• 10 - 15 years of experience and bachelor's degree or equivalent
• Minimum 3-5 years direct experience with supporting FISMA and Financial Audit Requirements
• Minimum 3-5 years of direct experience supporting cybersecurity compliance and implementing steps to mitigate threats
• Minimum 3-5 years direct experience with continuous monitoring security expertise to business units and key stakeholders
• Minimum 3-5 years of direct experience creating and delivering end user-related briefings, training, policy, and/or compliance updates
• Experience as a remote worker demonstrating time management and self-discipline with cultural change management and Agile mindset.

PHYSICAL REQUIREMENTS
The physical demands described below are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions.  While performing the duties of this job, the employee is regularly required to do the following: 

• If remote, maintain home workspace in a safe manner, free from safety hazards and in line with information security policies. 
• Communicate verbally in person, over the phone or by video chat and clearly/succinctly in writing, primarily utilizing a keyboard. 
• Appear on camera for meetings with co-workers and government partners via video chat and ensure the protection of proprietary company and customer information is consistent with the company’s expectation of information security.
• Viewing computer screens and sitting for long periods of time. 
• Travel is not required.     

It is the policy of Empower AI to provide equal opportunity in recruiting, hiring, training, and promoting individuals in all job categories without regard to race, color, religion, national origin, gender, age, disability, genetic information, veteran status, sexual orientation, gender identity, or any other protected class or category as may be defined by federal, state, or local laws or regulations. In addition, we affirm that all compensation, benefits, company-sponsored training, educational assistance, social, and recreational programs are administered without regard to race, color, religion, national origin, gender, age, disability, genetic information, veteran status, sexual orientation, or gender identity. It is our firm intent to support equal employment opportunity and affirmative action in keeping with applicable federal, state, and local laws and regulations.  Empower AI is a VEVRAA Federal Contractor.