Requirements Analysis & Solution Design:
- Collaborate with stakeholders to analyze business or system-level requirements and determine functional needs, specifically assisting in defining new application implementation requirements, to include the generation of Epics and translation to Features and User Stories which make up the Product Roadmap and Product Increment Plans.
- Translate requirements into scalable mainframe solutions, identifying potential system dependencies or impacts to legacy or dependent systems.
- Recommend alternatives on dependencies within and outside the product to reduce risk as new capabilities are introduced and current systems are retired.
- Actively participate in collaborative efforts with the Government to define requirements, team composition, and deliverables for Execution Plans (EPs) for individual efforts, which may involve small, medium, large, or extra-large teams.
Application Development:
- Design, code, and debug mainframe applications using technologies such as COBOL, IBM Db2 (including Mainframe Database System Administration), IMS, CICS, JCL, VSAM, TSO/ISPF, REXX, IDMS, DYL-260/280, ENDEVOR, IBM Message Queue (MQ), IBM Installation Manager, IBM Mainframe – Z/OS, IBM Middleware/WRS Stack, and IBM WebSphere Application Server (WAS).
- Follow established coding standards and ensure solutions are secure, efficient, and maintainable, adhering to private sector best practices and VA's DevSecOps policy.
- Assist with database solutions and designs for data migrations for implementations at VA sites.
- Assist with the integration of additional data elements and support Mainframe connection strings and database loads for Open Systems (e.g., FCM, FRN)
- Analyze, redevelop, and add to existing suite of reports
- Create source code, table maintenance updates, SQL scripts, or updated documentation associated with remediation
- Perform periodic and ad hoc table maintenance, including reference table updates, distribution of code set updates, and data corrections such as batch data update scripts
- Support updates required for appropriate Data Dictionaries and offsite data storage
Application Maintenance & Optimization:
- Monitor system performance and user feedback to identify enhancement opportunities
- Implement updates, bug fixes, and performance improvements to ensure optimal functionality of legacy systems, including resolving issues not related to base (non-proprietary) COBOL and base SAS code
- Support end-to-end sustainment and annual close activities for FMS (Financial Management System), which is a complex, labor-intensive process requiring 24/7 support during critical phases (Mock Close, Annual Close Part 1, and Annual Close Part 2)
- Optimize FMS nightly batch processing to ensure efficiency
- Support automation initiatives and tools, utilizing Keysight Eggplant or similar automation tools, for reporting automation and new automation requests
- Assist with researching, migrating, testing, and scheduling jobs from CA-7 Batch Processing to similar tools like Control-M
Production & Client Support:
- Partner with IT Operations and Customer Service teams to resolve issues, support end users, and troubleshoot production defects, providing after-hours support on a rotating basis, including weekends and holidays, for abnormal operating events (ABENDS), maintenance, issue resolution, and troubleshooting
- Specifically, fix all production abends (e.g., batch job abends, online abends, PFRN abends) in a timely manner to meet Service Level Agreements (SLAs)
- Resolve all production issues including those related to SFTP, Reports, batch processing, online processing, and outbound/inbound interfaces
- Document and present Root Cause Analysis (RCA) and Issue Papers during an issue, and an After-Action Report (AAR) after issue resolution
- Provide day-to-day technical knowledge and knowledge-transfer on how to utilize the financial management system to customer staff.
Code Quality & Documentation:
- Write clean, self-documenting code that complies with organizational standards and contractual naming conventions
- Create and maintain technical documentation, including system architecture diagrams, data flow processes, fact sheets, and updated FMS User Guides to support future maintenance and knowledge sharing
- Document FMS roles and configurations to identify gaps and make recommendations for remediation
- Update Training Documentation and Knowledge-based Help Desk Documents when remediation or enhancements change how the user interacts with the application/system
Continuous Learning & Collaboration:
- Proactively pursue ongoing professional development and share knowledge of emerging mainframe technologies with the team
- Maintain expertise in the DevSecOps tool chain, including tools such as Jenkins, Circle CI, GitHub, Nexus, Artifactory, Docker, Kubernetes, SonarQube, Maven, Node package manager, Cloud Formation Templates, Terraform, Elastic Stack, and Application Monitoring tools like Dynatrace and AppDynamics
Project Management & Estimation:
- Provide time and effort estimates for assigned tasks and deliver work within agreed timelines
- Communicate progress and potential risks to management and stakeholders
- Utilize customer's approved toolsets such as Jira, GitHub, and ServiceNow to input and manage scheduled product sprints and backlog, Agile requirements, risks, issues, configurations, changes, test plans, execution, planning, design, and engineering documentation
- Deliver Biweekly Status Reports that provide accurate, timely, and complete project information, including Work In-Progress (WIP) and completed work, identified issues, workforce staffing data, and GFE status
Incident & Change Management:
- Respond to production incident tickets and change requests in alignment with ITIL or internal support practices
- Participate in root cause analysis and permanent corrective actions, including documenting vulnerabilities, assigning them to relevant teams, and tracking through remediation
- Coordinate with Infrastructure Operations on all activities, including issues, scans, compliances, updates, upgrades, vulnerabilities, patches, and requests for server provisioning
- Triage issues to determine if the problem is traceable to requirements, design, configuration, testing, code defect, documentation deficiency, or knowledge gap
- Update trouble tickets to reflect defect referrals with evaluated status, defect logs, and other applicable artifacts, following PDS release procedures
- Manage FMS system sustainment software changes
SDLC Compliance:
- Adhere to a repeatable software development lifecycle (SDLC) process, incorporating Agile software development methodology and Continuous Integration/Continuous Delivery (CI/CD) practices
- Ensure all deliverables meet established quality assurance standards
- Ensure software compliance with applicable laws, regulations, and standards, including Zero Trust Security, Two-Factor Authentication (2FA), and Section 508 accessibility standards
Testing & Validation:
- Develop and execute robust unit and integration test scripts to validate new functionality and minimize production defects
- Ensure all Agile requirements, changes, tests performed, and test results are shown in customer-approved toolset to show evidence of code coverage and test coverage
- Perform Quarterly User Access Reviews for FMS application
- Update and test FMS configuration settings including tables, systems, and network
- Conduct vulnerability scans and tests (NIST SP 800-53), and security scanning multiple times throughout projects using methods such as penetration testing, MASA/WASA, and Static Application Security Testing (SAST) tools like Micro Focus Fortify
Security and Privacy:
- Actively work to attain and maintain an Authority to Operate (ATO) for systems, and support all ATO-related activities
- Create and update security Plan of Action and Milestones (POA&M), and provide recommended remediation strategies
- Respond to all audit and assessment requests (e.g., OIG, FISMA/FISCAM, SCA, CISA) and mitigate all findings
- Track and remediate all sustainment related security vulnerabilities within specified Customer Handbook 6500 timeframes (30/60/90 days for Critical, High, and Medium severity)
- Coordinate with data centers and Customer to ensure consistency with Customer ATO requirements and compliance with Customer information security policies and standards
- Upload all documents and artifacts into the current VA Governance, Risk and Compliance (GRC) tool
- Support Field Security Services Information System Security Officers (ISSOs) and the Office of Cyber Security Control Assessment team
- Provide Customer Software Assurance (SwA) Code Review Validation Report validating required code quality
- Conduct and provide routine vulnerability scanning reports and compliant risk assessments as detailed in NIST SP 800-30
- Identify, document, review, and maintain Assessment & Authorization (A&A) Artifacts as needed to support an ATO request in accordance with Customer policy and Federal Law and guidelines (NIST SP 800-37)
- Provide updated Source Code and related artifacts as a result of remediation efforts