Senior Security Architect

Zermount • United States • 1m ago

SENIOR SECURITY ARCHITECT MILITARY FRIENDLY & PREFERRED - HOH SPONSORnSummary:nWe are looking for a highly talented, technical hands-on Senior Security Architect located in the Washington, DC metro area to help accelerate our Security Program for a client in the Government Sector. You will use your exceptional security knowledge and hands-on security tooling and systems administration skills to help support our customer with developing, reviewing, and modernizing highly secure and compliant computing architectures and implementations.nnDuties and Responsibilities:nnLead a team of Security Architects and Security nSecurity Architecture: Develop and Recommend Security Architecture and Standards for both cloud and on-prem environments. Review and update diagrams of security tools and traffic flow within environment and make recommendations for enhancements.nCybersecurity Operations: Improve Cloud monitoring, detection, and response; Improve Security Operations (SOC) operations; Review existing security tools in environment for gaps and/or overlaps and make recommendations for improvements.nPrivacy & Continuous Monitoring: Improve Vulnerability Assessment program; Integrate security scanning in Cloud Pipeline; Improve Cloud and on-prem vulnerability coverage and scanning.nCybersecurity Authorizations and Compliance: Reduce time to ATO through continuous ATO; Improve Cloud Compliance.nAddressing critical software; and Developing secure Cloud nDevelop, and integrate with other Cybersecurity workflow to include: ATO Intake, assessment, and Vulnerability Scanning process.nIntegrate with Enterprise Architecture (EA) review nPerform security reviews based on RMF controls compliance, clients, and security best nDevelop security architectural patterns to enable faster ATO or assessment process by creating architectural designs that already meet compliance controls.nProvide security architecture input for DevSecOps security strategy and roadmap including application and infrastructure vulnerability scanning, automated assessments, and security nPerforms architecture design reviews including configuration and log reviews and perform network traffic analysis.nProduces a SAR Report to include HVAs architecture strengths and nnnQualifications Required Skills:nnHigh level of attention to detail, needs minimal guidance, effective verbal, and written nEqually adept at strategic planning and operational/technical nnnAble to adapt to new and changing requirements or priorities and manage work and resources accordingly.nAt least 7 years (preferred 10 years) of network, systems, applications:nnLAN/WAN, WAF/CDN/DDOS, Network Firewalls, IDS/IPS.nVirtualization, hypervisor security, container nApplication development, serverless security, microservices,nnnAt least 5 years of designing and/or implementing security in Cloud (AWS required, Azure or GCP optional):nnMulti-Cloud, Hybrid Cloud, IaaS, PaaS, SaaS, shared responsibility nAWS IAM, KMS, S3, RDS, SNS/SQS, Organization, Guard Duty, Security Hub, Detective, Config, CloudTrail, CloudWatch, Lambda.nAzure E3/E5, Active Directory, Blob, Azure Security Center, Key Vault, SSE, Monitor, Log Analytics, Policy.nnnExperience with DevSecOps strategy and implementation and designing architecture in accordance with RMF, CSF, FISMA, and Fedramp.nFamiliarity with: ZTNA and SASE Framework, ICAM (OKTA), CWPP, SOC Operations, Vulnerability Threat Management, and Compliance.nAt least 2 years working in or managing Agile DevOps, Scrum, nCloud nArchitecture nNetworking nNetwork Security/Cyber Security nnEducation:nCandidate must have a Bachelor of Science (or higher) in one of the following: computer engineering, computer science, information technology, or cyber security. The resume may reference another major, so long as the resume is clear that the degree addressed at a minimum one of the following: cyber security engineering, systems administration, information systems security, software development security, systems engineering, information systems or information technology.nnCertifications:nnCertifications to include one or more of the following:nnCertified Information Systems Security Professional (CISSP)nCertified Cloud Security Professional,nAWS Certified Solutions Architect AssociatenAWS Certified Security SpecialistnMicrosoft Azure Solutions ArchitectnGoogle Professional Cloud ArchitectnnnnClearance: United States Patent and Trademark Office Specific Minimum Background Investigation (MBI) will be conducted.nnWork Location: Remote (Initial onboarding in Arlington, VA). Minimal travel to the Washington,nD.C. Metro Area may be required if requested by the client.n