Role Description GDIT is your place. You make it your own. Bring your creativity to help us find simple solutions to complex problems. By owning your opportunity at GDIT, you’ll play an essential part in preparing our nation for the future. Our work depends on an Information Security Analyst Sr Advisor joining our team to support Indian Health Service (IHS). In this role, a typical day will include: - Provide support for DHHS information security. - Facilitate current security infrastructure and define future programs, design and implementation of fire-wall and other related security issues. - Analyze the information systems to ensure that appropriate security functions have been included in the systems design and architecture. - Participate in IHS development processes by providing assistance to developers and conducting security impact assessments for development changes. - Assist with implementation of counter-measures or mitigating controls. - Provide guidance in the creation and maintenance of Standard Operating Procedures and other similar documentation including System Security Plans, Security Manuals, etc. - Manage responses and/or remediation of POAMs related to government investment supported systems. - Maintain current knowledge of relevant technology as assigned. - Participate in special projects as required. - Stay informed as to current and emerging security requirements (e.g., zero trust, SBOM, etc.) and communicate impacts to the team. - Be the conduit between the GDIT team and customer security organizations. Qualifications - Bachelor’s Degree in IT Security, Computer Science, or a related technical discipline, and 10 years of related experience (or) Master's Degree and 8 years (or) PhD/Doctorate and 6 years of related experience. - IT Security implementation and monitoring required. - General knowledge of scientific processes, management structures, and technology programs/platforms. - Familiarity with Agile Software Development Lifecycle (SDLC) Methodology. - Expert knowledge of data security administration principles, methods, and techniques. - Familiarity with domain structures, user authentication, and digital signatures. - Broad knowledge of security (IA) practices and tools is required. - Understanding of network configuration and monitoring. - Understanding of federal security policies and procedures, including FIPS 199, FIPS 200, and NIST 800-53. - Security certification such as a CISSP or CISA. Requirements - Familiarity with Electronic Healthcare technology and operations. - Familiarity with Source Code Control/Version Management software. - Knowledge of the VistA electronic health record or Resource Patient Management System (RPMS). - Understanding of the Department of Health and Human Services (HHS) Enterprise Performance Life Cycle (EPLC). Benefits - Full-flex work week to own your priorities at work and at home, with core work hours Monday – Friday 9:00 AM ET – 3:00 PM ET. - 401K with company match. - Comprehensive health and wellness packages. - Internal mobility team dedicated to helping you own your career. - Professional growth opportunities including paid education and certifications. - Cutting-edge technology you can learn from. - Rest and recharge with paid vacation and holidays. - Challenging work that makes a real impact on the world around you. - Remote work.

Role Description The Security Analyst responds and triages security alerts across various security technologies. The role investigates activities and events and executes timely remediation or escalation. The role also supports continuous improvement of detection and response processes to strengthen overall security posture. Essential Functions - Act as an Incident Response team member, available to respond to alerts and calls during and after business hours. - Work with various security tools: Intrusion Prevention and Detection, Antivirus/Anti-malware protection, Endpoint Detection and Response, web filtering, vulnerability management scanners, forensic tools, cross detection and response tools, Mobile Device Management, and Data Loss Prevention management controls. - Conduct proactive threat hunting across environment utilizing advanced query techniques, such as Apache, PowerShell, etc. - Analyze, diagnose, and methodically identify malicious emails through both security tooling and demonstrated experience with known risks, attack vectors, and observed patterns of life. - Configure and optimize email security protocols to prevent email-based threats. - Monitor and triage identity-related security activity, such as risky sign-ins, impossible travel, and other anomalous activity, initiating containment steps if needed. - Work closely with established third-party networking and security oversight relationships to facilitate a consistently strong security posture. - Meticulously document findings, tasks, and forensic investigations performed on security events and incidents. - Identify and report security vulnerabilities, collaborating with technology teams to ensure successful remediation. - Investigate and resolve access blocks generated by web filtering technology, working with end users to validate policy alignment. - Partner with the technology department and other business units to ensure security initiatives are completed and security gaps are remediated. - Support user education on secure best practices. - Work effectively with IT vendors and managed services partners. - Other duties as assigned. Qualifications - B.S. or equivalent in Computer Science, Information Science & Technology, or related field or equivalent work experience required. Security certifications highly desired. Requirements - Must possess at least three years experience in technical security related work required. - Demonstrated history of security operations experience, including threat hunting, runbook development, alert validation and containment, anomaly detection, etc. - Strong experience in Active Directory, Azure and Microsoft Entra ID. - Strong experience in vulnerability management. - Knowledge of network security controls, protocols, device and security policy design and Implementation. - Extensive knowledge around network monitoring and analysis. - Experience working in a highly regulated environment. - Extensive knowledge surrounding identity risk and IOC analysis. - Experience in HIPAA and SOC 2 compliance environments. - Familiarity with NIST SP 800 series, ISO/IEC 27000 series, and similar frameworks. Benefits - Medical, Dental, Vision, Life and Disability Insurance. - Generous Paid Time Off. - Tuition Reimbursement. - EAP. - Technology Stipend. Physical Demands This is a standard desk position requiring extended sitting and computer work. Work Environment Remote. Here at Allied, we believe that great talent can thrive from anywhere. Our remote friendly culture offers flexibility and the comfort of working from home, while also ensuring you are set up for success. To support a smooth and efficient remote work experience, the internet connection must be obtained through a cable broadband or fiber optic internet service provider with speeds of at least 100Mbps download/25Mbps upload. Reliable internet service is essential for staying connected and productive.

• Validate SecOps agent investigations by thoroughly reviewing the incident attack story, associated alerts, involved entities, and correlated signals to ensure accuracy and completeness. • Ensure SecOps agents and automated workflows executed correctly without technical issues, verifying that investigations ran smoothly and results are reliable. • Confirm the accuracy of incident verdicts by identifying false positives, incomplete investigations, or incorrect threat classifications. • Perform deeper analysis when required, including URL detonation or sandboxing, file analysis, and reviewing customer inventory and context to ensure findings are accurate and relevant. • Validate and apply Incident Management (IM) tags correctly, and approve, modify, or reject automated findings before escalation or response.

• Use AI-enhanced SIEM, XDR, and threat intelligence platforms to continuously monitor security events across cloud and on-premises environments. • Analyze security alerts, logs, and threat data using AI-assisted tools to rapidly distinguish true positives from noise. • Proactively hunt for threats and anomalies using AI-informed behavioral analytics. • Lead and support security incident response activities; use AI tools to accelerate root cause analysis. • Conduct and support vulnerability assessments across cloud, application, and infrastructure environments; use AI tools to prioritize remediation efforts. • Support compliance activities across relevant frameworks (e.g., HIPAA, SOC 2, NIST); use AI tools to monitor for policy drift.