Journeyman Information Security Analyst

About Our Company:

Delmock Technologies, Inc. (DTI), is a leading HUBZone business in Baltimore, known for delivering sophisticated IT (Information Technology) and Health solutions with a commitment to ethics, expertise, and superior service. Actively engaged in the local community, DTI creates opportunities for talented residents while maintaining a stellar reputation as an award‑winning contractor, earning accolades like the Government Choice Award for IRS (Internal Revenue Service) Systems Modernizations.

This position is remote.

Clearance:
Active IRS MBI Clearance is required to be considered for this position.

• Implement and assess security controls in accordance with FISMA, FedRAMP, IRS IRM 10.8, and National Institute of Standards and Technology (NIST) SP 800-53 Moderate/High baselines.
• Support RMF activities including control implementation, evidence collection, SSP updates, and POA&M development and tracking.
• Perform vulnerability scanning, configuration compliance checks, and remediation validation in alignment with NIST SP 800-40 and SP 800-70 requirements.
• Monitor and analyze audit logs and security events; ensure integration with enterprise logging systems (e.g., ESAT) for centralized analysis and reporting.
• Validate implementation of encryption controls (data‑at‑rest and data‑in‑transit) meeting FIPS 140‑2/140‑3 standards and proper key management practices (NIST SP 800-57).
• Support identity and access management controls including least privilege, role‑based access, MFA enforcement, and privileged account monitoring (e.g., BEARS, PUMAS integration).
• Assist with remediation of Known Exploited Vulnerabilities and compliance with Binding Operational Directives issued by the Cybersecurity and Infrastructure Security Agency (CISA).
• Contribute to Zero Trust Architecture implementation efforts in accordance with NIST SP 800‑207.
• Support development of security documentation and artifacts including ISCPs, SRAs, SCAs, SBOM validation, and C‑SCRM evidence collection.
• Participate in audits, security assessments, incident response activities, and continuous monitoring reporting to ensure ongoing compliance.

• Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or related field.
• Security+ CE certification.
• Five years of progressively responsible experience in information security, cyber risk management, or IT security operations. Must include at least 3 years of hands‑on experience in system security analysis, vulnerability management, or incident response within a Federal Information Systems Security or equivalent enterprise environment.

• Higher‑level certifications (e.g., CISSP, CISM, CEH, CAP) preferred and may substitute for additional years of experience.

Recently ranked as high as #3 among HUBZone Companies in a GOVWIN survey, DTI offers a dynamic environment for those passionate about impactful projects, community involvement, and contributing to top‑ranking Federal and State Commissionaires project support team.

At DTI, we balance continuous growth and innovation with a strong dedication to corporate social responsibility. Join our talented team and be part of a company that values both professional excellence and community impact. Explore the exciting career opportunities awaiting you at DTI!

DTI is committed to hiring and maintaining a diverse workforce. We are an equal opportunity employer making decisions without regard to race, color, religion, sex, national origin, age, veteran status, disability, or any other protected class.