SECURITY ARCHITECT

SECURITY ARCHITECT

MILITARY FRIENDLY & SKILLBRIDGE SPONSOR

SUMMARY:

We are looking for highly talented, technical hands-on Security Architect located in Washington, DC metro area to help accelerate our growing Professional Services business within the Government Sector. You will use your exceptional security knowledge and hands-on security tooling and systems administration skills to help support our customers with developing highly secure and compliant computing architectures and implementations.

DUTIES & RESPONSIBILITIES:

• Security Architecture: Develop and Recommend Security Architecture and Standards including Cloud Security for government approval.
• Cybersecurity Operations: Improve Cloud monitoring, detection, and response; Improve Security Operations (SOC) operations.
• Privacy & Continuous Monitoring: Improve Vulnerability Assessment program; Integrate security scanning in Cloud Pipeline; Improve Cloud vulnerability coverage and scanning.
• Cybersecurity Authorizations and Compliance: Reduce time to ATO through continuous ATO; Improve Cloud Compliance.
• Addressing critical software; and Developing secure Cloud adoption.
• Develop, and integrate with other Cybersecurity workflow to include: ATO Intake, assessment, and Vulnerability Scanning process.
• Integrate with Enterprise Architecture (EA) review process.
• Perform security reviews based on RMF controls compliance, clients, and security best practices.
• Develop security architectural patterns to enable faster ATO or assessment process by creating architectural designs that already meet compliance controls.
• Develop Security Architecture Standards in Cybersecurity SharePoint site and cross-link with Cloud Operations (SSB) and Enterprise Architecture (EA) sites.
• Provide security input on Cloud Center of Excellence (CCOE) and Cloud Advisory Council (CAC) agenda items by participating in technical working groups, providing security analysis, and providing recommendations.
• Provide security architecture input for DevSecOps security strategy and roadmap including application and infrastructure vulnerability scanning, automated assessments, and security controls.
• Performs architecture design reviews including configuration and log reviews and perform network traffic analyses.
• Produces a SAR Report to include HVAs architecture strengths and findings.
• Design and deploy native Cloud security services in AWS, Microsoft Azure, and Google Cloud.

QUALIFICATIONS:

• High level of attention to detail, needs minimal guidance, effective verbal, and written communications.
• Equally adept at strategic planning and operational/technical level.
• Able to adapt to new and changing requirements or priorities and manage work and resources accordingly.
• At least 5 years (preferred 10 years) of network, systems, applications:
• LAN/WAN, WAF/CDN/DDOS, Network Firewalls, IDS/IPS.
• Virtualization, hypervisor security, container security.
• Application development, serverless security, microservices, CICD.
• At least 5 years of designing and/or implementing security in Cloud (AWS required, Azure or GCP optional):
• Multi-Cloud, Hybrid Cloud, IaaS, PaaS, SaaS, shared responsibility model.
• AWS IAM, KMS, S3, RDS, SNS/SQS, Organization, Guard Duty, Security Hub, Detective, Config, CloudTrail, CloudWatch, Lambda.
• Azure E3/E5, Active Directory, Blob, Azure Security Center, Key Vault, SSE, Monitor, Log Analytics, Policy.
• Experience with DevSecOps strategy and implementation and designing architecture in accordance to RMF, CSF, FISMA, and Fedramp.
• Familiarity with: ZTNA and SASE Framework, ICAM (OKTA), CWPP, SOC Operations, Vulnerability Threat Management, and Compliance.
• At least 2 years working in or managing Agile Devops, Scrum, Kanban.
• Cloud architecture.
• Architecture experience.
• Networking experience.
• Network Security / Cyber Security experience.

EDUCATION:

Candidate must have a Bachelor of Science (or higher) in one of the following: computer engineering, computer science, information technology, or cyber security. The resume may reference another major, so long as the resume is clear that the degree addressed at a minimum one of the following: cyber security engineering, systems administration, information systems security, software development security, systems engineering, information systems or information technology.

CERTIFICATIONS:

Required:

• Certified Information Systems Security Professional (CISSP)

A minimum of at least one of the following:

• Certified Cloud Security Professional,
• AWS Certified Solutions Architect Associate,
• AWS Certified Security Specialist,
• Microsoft Azure Solutions Architect, or
• Google Professional Cloud Architect

CLEARANCE:

A minimum of a Public Trust

HOURS OF OPERATION:

8:30 am EST - 5:00 pm EST