• Establish and operationalize security controls for emerging Artificial Intelligence and Machine Learning capabilities across the enterprise. • Embed security into AI solution design, protecting AI models and data pipelines, and enabling secure adoption of AI use cases across business and technology functions. • Work closely with Digital, Data, AI, Security Architecture, Engineering, and Cyber Defense Operations teams to define secure AI architecture patterns, implement guardrails, and ensure AI platforms operate within client’s cybersecurity, risk, and governance standards. • Define secure architecture patterns for AI and machine learning solutions, ensuring protection of models, training pipelines, inference environments, and supporting data flows. • Establish secure integration patterns for AI services across enterprise applications, APIs, cloud platforms, and data environments. • Review AI solution designs to ensure alignment with enterprise security architecture standards and secure-by-design principles. • Support implementation of secure controls across AI development, testing, deployment, and production environments. • Identify, assess, and mitigate AI-specific threats including model poisoning, prompt injection, adversarial attacks, unauthorized model access, data leakage, and misuse of AI outputs. • Define and implement security guardrails for AI model access, API usage, prompt controls, and secure interaction with enterprise data sources. • Establish controls to protect sensitive training data, embeddings, prompts, and inference outputs across AI workflows. • Support validation of third-party AI services and external model integrations from a cybersecurity risk perspective. • Establish AI security standards, engineering guardrails, and governance practices aligned with regulatory requirements, enterprise risk expectations, and responsible AI principles. • Partner with Digital and AI teams to enable secure AI use cases where security accelerates responsible business adoption rather than acts as a blocker. • Support creation of AI security review checkpoints for new AI initiatives, pilots, and production deployments. • Contribute to enterprise AI security policies, reference architectures, and operational standards. • Collaborate with Cyber Defense Operations to operationalize AI-related detection, monitoring, and response capabilities. • Support development of monitoring use cases for AI misuse, abnormal model behavior, unauthorized access, and suspicious data movement. • Define logging and telemetry requirements for AI platforms to improve visibility and incident readiness. • Support integration of AI platform telemetry into enterprise detection and monitoring tools where applicable. • Work closely with Security Architecture, Cloud Engineering, Data teams, Application teams, and AI program owners to ensure consistent security adoption. • Support security reviews for AI vendors, AI-enabled SaaS platforms, and internally developed AI capabilities. • Provide technical guidance to project teams on secure AI implementation and operational controls.

• Partner closely with engineering teams across the company to reduce security risk throughout the software development lifecycle • Contribute to initiatives that strengthen NerdWallet’s security posture by improving tooling, workflows, and standards that help engineers build secure software while maintaining a great developer experience • Help scale NerdWallet’s application security program through automation, tooling, and developer enablement • Partner with engineering and product teams to identify and remediate security gaps across multiple systems while balancing business priorities • Build tools, processes, and automation that improve security posture visibility for engineers and leadership • Review pull requests and provide actionable guidance on secure coding practices • Support operational work during security investigations or incidents affecting applications • Help integrate security practices into the secure development lifecycle (SDLC) across teams

• Lead and contribute to the security of software solutions. • Manage the quality and performance of security measures. • Conduct thorough quality and performance testing of security features and systems. • Establish and enforce robust software engineering processes within the security team. • Collaborate with cross-functional teams to integrate security into the entire software development lifecycle (SDLC). • Stay abreast of the latest security threats, vulnerabilities, and industry best practices.

Type of Requisition: Regular Clearance Level Must Currently Possess: None Clearance Level Must Be Able to Obtain: None Public Trust/Other Required: SSBI (T5) Job Family: IT Infrastructure and Operations Job Qualifications: Skills: Access Management, Electronic Health Records (EHR), Information Technology Project Management, Single Sign-On (SSO)Certifications: NoneExperience: 8 + years of related experienceUS Citizenship Required: No Job Description: GDIT has been supporting the IHS mission for 20+ years; working with the agency to provide integral services to raise health access and availability to 2.6 million American Indians and Alaska Natives. You'll be part of modernizing an Electronic Health Record (EHR) platform to enable better data access, patient experience, and quality of care for 567 tribes, 37 states and over 600 medical facilities. Our work depends on an Identity and Access Management (IAM) Sustainment Lead joining our team to support the Indian Health Service (IHS) Electronic Health Records Modernization (EHRM) program. As an Identity and Access Management Sustainment Lead supporting the IHS EHRM program, you will be responsible for driving IAM initiatives across GDIT IHS EHRM Engineering and Sustainment teams, and with various IHS customer teams. This position is fully remote, US based. This role requires you to obtain and maintain an in-depth Public Trust Level 5. This investigation will review personal and criminal behavior, financial conduct, foreign influence, as well as other adjudications. HOW THIS ROLE WILL MAKE AN IMPACT: - Will be responsible for leading, designing, and technical integration of Identity and Access Management (IAM) frameworks, systems, and protocols for the IHS Modernization program. - Significant focus on designing IAM processes for concurrent, multi-facility rollout of a large, cloud-based instance of Oracle Health (Cerner Millennium) EHR. - Effort will initially focus on Pilot facility and first grouping of additional facilities; responsibilities will shift towards sustainment and support processes over time. - Significant interaction with various IHS customer-side teams, including end-user systems support and engineering, networking infrastructure, and cybersecurity. - Will be responsible for SSO, authentication and access controls ensuring confidentiality, integrity and availability of IAM systems and data. - Prepares and maintains documentation for processes and procedures per Government requests. - Maintains current knowledge of rapidly changing technology and works with management to evolve current processes. REQUIRED QUALIFICATIONS AND EXPERIENCE: - Bachelor’s degree or equivalent combination of education and experience. - 8+ years of experience supporting medium to large IT projects to include performance reporting and system setup. - Significant experience with Oracle Health (Cerner Millennium) software, specifically role-based access, user positions, and Millennium core concepts - Significant experience with industry-based IAM authentication and authorization software, such as Okta, Active Directory, ServiceNOW - Extensive understanding of expense and timekeeping management, process, and policies. - Training/education/experience in task coordination; functional knowledge of IT project management concepts and tools. - Must be able to obtain and maintain a Public Trust Level 5 clearance. - Ability to travel up to 25% of the year, if needed. DESIRED QUALIFICATIONS AND EXPERIENCE: - 8+ years of relevant analyst experience. - Experience with large, federal programs and/or contracts. - Task management experience and/or skills. - Excellent organizational and time management skills; ability to manage frequently changing priorities of competing importance. - Ability to communicate and interact effectively with internal/external teams including key stakeholders, various customer teams, and/or executive leadership. - Ability to work and support the work of others across multiple U.S. time zones. - Ability to work independently with minimal supervision and within tight deadlines, following detailed written policies, processes, procedures, and work instructions. - Ability to produce high-quality documentation that contributes to the overall success of the program. GDIT IS YOUR PLACE: - ​Full-flex work week to own your priorities at work and at home. - 401K with company match. - Comprehensive health and wellness packages. - Internal mobility team dedicated to helping you own your career. - Professional growth opportunities including paid education and certifications. - Cutting-edge technology you can learn from. - Rest and recharge with paid vacation and holidays. #IHSJobs #GDITFedHealthJobs #EHR #IHSEHRM The likely salary range for this position is $149,469 - $189,750. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range. Scheduled Weekly Hours: 40 Travel Required: 10-25% Telecommuting Options: Remote Work Location: Any Location / Remote Additional Work Locations: Total Rewards at GDIT: Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. GDIT typically provides new employees with 15 days of paid leave per calendar year to be used for vacations, personal business, and illness and an additional 10 paid holidays per year. Paid leave and paid holidays are prorated based on the employee’s date of hire. The GDIT Paid Family Leave program provides a total of up to 160 hours of paid leave in a rolling 12 month period for eligible employees. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most. We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology. Join our Talent Community to stay up to date on our career opportunities and events atgdit.com/tc. Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans