Financial IT Technical Writer - Documentation Specialist - SOX 404

Job Description

GDIT is searching for a Financial IT Technical Writer - Documentation Specialist with strong SOX 404 & PCI experience to join the team.   

  

Please note: This position is a pipeline requisition and not fully funded by the customer; this may result in delayed responses from the GDIT recruiting team.  Thank you for your interest and we encourage you to continue applying for positions you are interested in at GDIT.  

  

The Financial IT Technical Writer - Documentation Specialist will provide support for the IT Quality Assurance Office (ITQA) as the first line liaison between ITQA and the IT business units by providing consistent documentation in the area of compliance policies, procedures and communication.  In addition, the assistance would be to provide change management, problem solving, facilitation and project management/coordination for compliance. 

  

The is person will be responsible for maintaining appropriate governance over the IT environment and compliance with Federal laws, industry standards, and the external auditor’s requirements. All documents must comply with Section 404 of the Sarbanes-Oxley Act of 2002 to help protect the integrity of financial data and reporting. The IT Documentation team provides technical writing for both SOX and PCI and other IT compliance programs. 

  

The duties and responsibilities include, but are not limited to: 

• Create, edit, modify, and maintain version control of forms/documents and SOP to ensure timely updating of policies, procedure, process and the identification of issue items 

• Coordinate with IT business owners, customers, consultants, and others to provide subject matter expertise and guidance in order to ensure timely completion of documentation, testing, publishing, and reporting for compliance 

• Provide IT change management and problem solving for consistent documentation update 

• Facilitation, coordination, and communication management of issues 

• Work with management and ITQA to recommend and implement best practice solutions, enhancing the process improvement 

• Provide written weekly status updates to include timeline, risks, and challenges 

• Ongoing coordination with IT Stakeholders in writing and via phone 

• Provide technical writing for template and ad-hoc reports 

  

The security clearance for this program requires the selected candidate to have resided in the US for the past five years. The selected candidate cannot have left the country for longer than 90 consecutive days and no more than 180 cumulative days. 

  

Required qualifications:  

Bachelors Degree and 5+ years’ experience. This position researches, prepares, and edits technical documents. 

• Knowledge and experience with SOX (Sarbanes Oxley) requirements 

• Creation of SOX Documents 

• Familiarity with section 404 compliant, a plus 

• Knowledge and experience with Payment Card Industry (PCI) standards and requirements, a plus 

• Excellent written communication, editing and proofreading skills, required 

  

Document types that could be created and analyzed 

  

Policies 

• Advanced Computing Environment Policy 

• Approval Policy (not on external site) 

• Cellular Management Policy 

• Change Management Policy 

• Code Promotion Policy (not on external site) 

• Corporate Information Security Policies (AS-805): 

• Acceptable Use Policy 

• Business Continuity Management Policy 

• Development and Operations Policy 

• Hardware and Software Policy 

• Information Designation and Control Policy 

• Information Security Services Policy 

• Network Security Policy 

• Personnel Security Policy 

• Physical and Environmental Security Policy 

• Security Incident Management Policy 

• Security Monitoring Policy 

• Security Risk Management Policy 

• Corporate Reporting Policy 

• Database Management Policy 

• EIR Policy for Mainframe High Level Qualifiers (not on external site) 

• Enterprise Architecture Policy 

• Enterprise Information Repository (EIR) Policy (not on external site) 

• Field Communication Policy (not on external site) 

• Incident Management Policy (not on external site) 

• Information Technology Compliance Policy 

• IT Acquisition Policy 

• IT Administration Policy 

• IT Procedure Library Roles and Responsibilities Policy (not on external site) 

• ITFOIA Request Policy (not on external site) 

• Mail Processing Mail Handling Equipment Policy (not on external site) 

• Network Management Policy 

• Problem Management Policy 

• Section 508 Policy 

• Technology Solution Life Cycle (TSLC) Policy 

• Telephone Management Policy 

• Trial and Evaluation of Information Technology 

• Configuration Management Database Policy (not on external site) 

• Developer Definition Policy (not on external site) 

• Wireless Management Policy 

• Guide to Privacy and Freedom of Information Act 

  

Processes 

• Certification and Accreditation (C&A) Recertification Process 

• CCB Semiannual Review Process (not on external site) 

• Change Management Escalated Approval Process 

• Change Management Process 

• Code Promotion Process (not on external site) 

• Customer Read Access to Production Database Process (not on external site) 

• Enterprise Architecture Review Process 

• Incident Management Process 

• Information Security Certification and Accreditation (C&A) Process 

• IT Communications Process 

• IT Web Site Content Update Process (not on external site) 

• Obtain Hardware and Software for a Trial Period Process 

• Problem Management Process 

• Request Non-Standard Wireless Solutions (not on external site) 

• Security Clearance Request Process 

• Software Delivery Framework 

• System Retirement Process 

• Technology Solution Life Cycle (TSLC) 

• Agile Methodology 

• Initiate and Plan Process 

• Sprint 0-n Process 

• Governance and Compliance Process 

• Release Management Process 

  

Standards (not on external site) 

• Application Development Standards 

• Application Performance Standards 

• Cellular Management Standards 

• Cisco Router Hardening Standards 

• Cisco Switches Hardening Standards 

• Code Promotion Standards 

• Coding Secure Software Standards 

• Database Management Standards 

• E-mail Environment Characteristics Standards 

• Enterprise Data Warehouse (EDW) ETL Standards 

• Failed CR Exception Standards 

• Firewall Port Access Standards 

• Incident Management Standards 

• ITEA Software Standards 

• Job Control Language (JCL) Standards 

• Job Scheduling Standards 

• MicroStrategy Standards 

• Network Management Standards 

• OSS Oracle Configuration Standards 

• OSS UNIX Standards 

• Postal Service IT Graphic Standards 

• Section 508 Technical Standards 

• Secure Code Review Standards 

• Secure Coding Standards 

• Security Categorization Standards 

• Security Controls Requirements Standards 

• Storage Naming Standards 

• Telephone Management Standards 

• Configuration Management Database Standards 

• Windows 2003 Server Build Standards 

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.