Job Seekers, Please send resumes to firstname.lastname@example.org or Call: (202) 719-0200 Ext: 127
The Security Architect will be responsible for the overall security
requirements and implementation of the program. This role will analyze the
program’s enterprise requirements and derive the technical security
architecture. This position will analyze the current technology environment to
detect critical security deficiencies and recommend solutions for improvement
for both the current and future state architectures. The Security Architect
will document the security architecture design, possibly including project
postmortem documentation and metric collection. He/she will consult on the LAN
and WAN infrastructure utilizing the industry's security best practice and
systems integration of several platforms (UNIX and Windows). The Security
Architect will be responsible for securing the data infrastructure from
potential external and internal threats by complying with PCI and other
- Provide input and partner with IT security management in defining security strategy and direction for security systems and architecture using industry best practices.
- Serve as the IT security expert; review architecture and engineering designs from other IT architects to align information system security improvements to support business plans.
- Develop and execute security plans for the Client Program. This will include managing 3rd party vendors, and providing guidance (with other departments) to the security best practices.
- Develop a deep understanding of Client network health, security events, and TCP/IP infrastructure.
- Work hands on with technologies that support the Program including Identity and Access Management, Anti-Virus, Intrusion Detection, Log Management, Web Filtering, Data Encryption, Data Loss Prevention and Compliance and Governance systems.
- Develop secure coding policies, procedures and standards, modification of the SDLC to include the necessary Security Checkpoints, code review methodologies etc.
- Ensure confidentiality, integrity, availability, authenticity, and non-repudiation of critical information system resources and related activities, including but not limited to, data/information, application software, servers and desktop hardware, physical assets, network and telecommunications.
- Identify and mitigate risks, implement necessary mitigating safeguards and controls, implement ongoing monitoring activities and countermeasures, and coordinate the multitude of activities that protect the business information assets from intentional or inadvertent modification, disclosure or destruction, and provide support for applicable legal and regulatory requirements.
- Provide monitoring and compliance tracking for the protection of information assets to business units throughout the enterprise based on the organization’s risk assessment, and is a key member of the various information security work groups.
- Recommend and assist in the development and implementation of appropriate information security policies, standards, procedures, and guidelines required to safeguard information resources.
- Design, develop and deploy security systems consistent with the evolving the organizaitons standards.
- Interface with systems development teams to ensure that new and modified systems are developed in accordance with defined Information Security Standards.
- Work directly with vendors, suppliers and network architect to design, configure and maintain effective security architecture.
- Experience should include security policy development, security education, network penetration testing, application vulnerability assessments, risk analysis and compliance testing.
- BA or BS in Computer Science, Management Information Systems, or related field. Advanced degree desirable.
- CISSP required. SABSA or CISSP-ISSAP concentration preferred. CISA or CISM is a plus.
- Seven+ years of progressive experience in computing and information security, including experience with Internet technology and security issues.
- At least 5 years information security architecture experience with application security technologies.
- In depth knowledge and experience with one or more of the following security specialization fields: Application Security (RACF, DCE, LDAP, etc.) and testing, Network Security Architecture, PKI Technology, Intrusion Detection, Vulnerability Assessment, Penetration Testing, Firewalls, Log Management, Anti-Virus/Anti-Spam technology, Data Encryption or Data Loss Prevention technology.
- Security clearance is not required but must be able to pass criminal and credit check.
- Knowledge of regulations and security compliance requirements such as PCI DSS.
- Experience in any of the following security technologies is a plus (ex - HIDS (Host-based intrusion detection services), NIDS (Network based intrusion detection services), Wireless network based IDS), Antivirus, Security Log Monitoring, ID Access Management, and Perimeter. Assessments/Penetration Testing.
- Familiarity with common application security vulnerabilities (OWASP Top10)
- Working knowledge of SOA and SOA security features is a plus.
- Experience with common information security management frameworks, such as International Standards Organization (ISO) 17799/27001, the IT Infrastructure Library (ITIL) and Control Objectives for Information and Related Technology (CobiT) frameworks.
- Extensive experience with developing and delivering commercial/enterprise software required.
- Experience with security architecture related to protocols such as SSH, SNMP, HTTP, SOAP, SOA, Web Services
- Experience with performing vulnerability and risk assessments and developing risk treatment plans.
- Experience with network and server security, including firewalls, IDS/IPS, VPN, Anti-Virus, Patch Management, and vulnerability analysis.
- Cross-functional knowledge of security in relation to application and networking.
- High level of expertise with Security Monitoring systems, Forensics tools and Malware analysis.