Job Title: Platform Security Architect
Location: Richmond, VA (Onsite)
Duration: Contract Position
Mode of Interview: Webcam Interview
Duties/Responsibilities:
- As part of a team, ensure the adoption of security architecture and engineering initiatives in order to effectively and securely support the organization in meeting specific business technology needs.
- Review solutions to be deployed in cloud and on premise environments
- Assist with Architectural design documentation and System Security Plan documentation
- Monitor and guide systems to ensure Authority to Operate is achieved in a timely manner
- Understand technical security issues and the implications to the Platform and be able to communicate them to management and other business leaders.
- Responsible for guiding the design and implementation of secure solutions and services across the Platform.
- Maintain in-depth knowledge of IT industry best practices, technologies, architectures, and emerging technologies.
- Must have knowledge and understanding to be able to configure and implement security solutions to reduce risk to an acceptable level.
- Understand emerging security technologies and determine the appropriate use within business applications.
- Must be able to provide technical guidance and foster a collective understanding of data flows and security issues encountered in both premise based and cloud applications and services.
- Communicate architectural decisions, plans, goals, and strategies
- Must be able to incorporate business drivers, needs and strategies to address future business / technology needs.
- Work in teams for secure application and/or infrastructure solution architecture.
- Collaborate with our Governance organization and functions including Internal Audit, Legal and Compliance, Privacy, and Sourcing to ensure that the Platform maintains a strong cybersecurity posture.
Required Skills:
- Experience providing high-level design and architecture diagrams
- technically validating solutions and connecting business, data, security, systems, and other technical and non-technical architectures
- Familiarity with open architecture and cybersecurity architecture principles that achieve cybersecurity framework goals.
- Familiar with encryption technologies used in commercial operating systems, including Public Key Infrastructures-continued
- symmetric and asymmetric cryptography, certificate trust stores and the use of key escrow for discovery and legal purposes
- At least 8 years of experience in network and endpoint security architecture
- Familiarity with protocols commonly used in commercial networks, such as SMB, RPC, HTTP, SQL
- Familiar with multi-tiered network applications, common ports and protocols used in those communications
- Familiar with Vulnerability Scoring (CVSS) and exploitation mechanisms of common vulnerability types (overflows, cross-site-scripting, SQL injection)
- Experience working with Cloud Native architecture paradigms, patterns and security methodologies.
- Familiarity with NIST, IRS 1075, HIPAA, FedRAMP and other cybersecurity frameworks
- Familiar with methodologies for scalable, automated creation of System Security Plan, and Authority To Operate, Attestation & Validation
- Candidate should have a background in general security practices such as identity and access management (IAM)-continued
- Experience leading the alignment of on-going activities in support of critical State & Federal mandates such as -continued
- Continuous Diagnostics and Monitoring (CDM), Executive Orders related to cybersecurity, and guidance from OMB and NIST
- Familiarity with open architecture and cybersecurity architecture principles that achieve cybersecurity framework goals
—
You received this message because you are subscribed to the Google Groups “Daily” group.
To unsubscribe from this group and stop receiving emails from it, send an email to dailyrequest+unsubscribe@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/dailyrequest/8909919b-c242-4563-a193-c3f6855d7b10n%40googlegroups.com.