LMI is a consulting firm dedicated to advancing the management of government. Our clients value our specialized services in logistics, management advisory services, advanced analytics, and digital services supporting the defense, national security and health markets. We believe government can make a difference, and we seek talented, hardworking people who share that conviction. We offer competitive salary, a merit-based bonus structure, a generous retirement plan, an unlimited leave policy, a focus on continued development including a robust educational reimbursement program, flexible work schedules, and programs to support work-life balance.
The Application Security Analyst will work on a large project team supporting the Army Shared Services Center (Army SSC) organization located at Aberdeen Proving Ground, MD. The Army SSC provides capability support services to all Army Enterprise Resource Planning (ERP) logistics and financial systems. Capability support includes system sustainment, sustainment modernization, and enhancement activities such as system design, development, testing, and deployment. Specific tasks include functional analysis, help desk, cybersecurity, quality assurance, configuration management, database administration, portal and support tool management, SAP BASIS support, technical services, interface/middleware maintenance, and system monitoring.
The Application Security Analyst will assist the Army SSC in 1) Implementing GFEBS directed IA mandates such as information operations conditions (INFOCONs) and IAVAs, bulletins and tech-tips and provide additional vulnerability remediation services to include application updates and patch management; 2) Ensuring a comprehensive vulnerability management process including the systematic identification, elimination, and mitigation of software vulnerabilities is in place; 3) Conducting system application vulnerability scanning as directed by DoD regulations and shall evaluate the security posture of the system via GFE tools used to scan for IAVA and STIG compliance; 4) Performing all requisite activities to verify GFEBS system open source products against the approved products list and/or submit for approval and/or waiver requests; 5) Providing a Disaster Recover (DR) Plan (A029) with resumption of mission or business essential functions within 24 hours of activation; 6) Facilitating DR exercises to ensure full system failover capability exists at secondary site. In addition, provide a DR Memorandum for Record (A030) with the key information summarizing the objectives and outcomes of the DR exercise; 7) Defining and implement a standard Patch and System Baseline Management process for each set of redundant servers that outlines specific procedures. The process shall include contingency and back out plans for patch deployment; and 8) Evaluating the GFEBS system components for security vulnerabilities and establish appropriate controls (e.g., access control) to limit vulnerabilities.
LMI is an Equal Opportunity Employer-all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin.