Esolvit

Security Cloud Solutions Architect

Esolvit, Austin, Texas, US, 78716


Title:

Security Cloud Solutions Architect

Location:

Austin, TX

Duration:

Long Term

Job Description:

The Cloud Architect is responsible for the cloud computing initiatives within the OAG and for directing the architectural aspects of a cloud brokering team across all aspects of IT and the organization. Responsible for the planning and engineering of cloud computing infrastructure and applications. Implements and designs hardware and software and is familiar with standard concepts, practices, and procedures of cloud technology, including Software as a Service (SaaS), Platform as a Service (PaaS), or Infrastructure as a Service (IaaS).

The ideal Security Cloud Solutions Architect serves as a liaison between IT architects and information security teams and also coordinates with information system owners and common control providers on the allocation of security controls as system-specific, hybrid, or common controls. The Security Cloud Solutions Architect, in close coordination with information security officers, advises authorizing officials, the chief information officer, senior IT and security staff, on a range of security-related issues including establishing information system boundaries, assessing the severity of weaknesses and deficiencies in the information system, plans of action and milestones, risk mitigation approaches, security alerts, and potential adverse effects of identified vulnerabilities.

- Design, build and implement enterprise-class security systems for a production environment
- Align standards, frameworks and security with overall business and technology strategy
- Identify and communicate current and emerging security threats
- Design security architecture elements to mitigate threats as they emerge
- Create solutions that balance business requirements with information and cyber security requirements
- Identify security design gaps in existing and proposed architectures and recommend changes or enhancements
- Define and prioritize essential system capabilities or business functions required for partial or full system restoration after a catastrophic failure event
- Define appropriate levels of system availability based on critical system functions and ensure that system requirements identify appropriate disaster recovery and continuity of operations requirements to include any appropriate fail-over/alternate site requirements, backup requirements, and material supportability requirements for system recovery/restoration
- Develop/integrate cybersecurity designs for systems and networks with multilevel security requirements or requirements for the processing of multiple classification levels of data
- Document and address the organization's information security, cybersecurity architecture, and systems security engineering requirements throughout the acquisition life cycle
- Employ secure configuration management processes
- Ensure that acquired or developed system(s) and architecture(s) are consistent with the organization's cybersecurity architecture guidelines
- Identify and prioritize critical business functions in collaboration with organizational stakeholders
- Perform security reviews, identify gaps in security architecture, and develop a security risk management plan
- Provide advice on project costs, design concepts, or design changes
- Provide input on security requirements to be included in statements of work and other appropriate procurement documents
- Provide input to the Risk Management Framework process activities and related documentation (e.g., system life-cycle support plans, concept of operations, operational procedures, and maintenance training materials)
- Define and document how the implementation of a new system or new interfaces between systems impacts the security posture of the current environment
- Analyze candidate architectures, allocate security services, and select security mechanisms
- Develop a system security context, a preliminary system security Concept of Operations (CONOPS), and define baseline system security requirements in accordance with applicable cybersecurity requirements
- Evaluate security architectures and designs to determine the adequacy of security design and architecture proposed or provided in response to requirements contained in acquisition documents
- Write detailed functional specifications that document the architecture development process
- Analyze user needs and requirements to plan architecture
- Develop enterprise architecture or system components required to meet user needs.
- Document and update as necessary all definition and architecture activities
- Determine the protection needs (i.e., security controls) for the information system(s) and network(s) and document appropriately
- Translate proposed capabilities into technical requirements
- Assess and design security management functions as related to cyberspace

Required Skills:

- 5 years of experience in Proven work experience in security architecture, demonstrating solutions delivery, principles and emerging technologies - designing and implementing security solutions. This includes continuous monitoring and making improvements to those solutions.
- 5 years of experience in designing and implementing security measures needed to protect data stored on public clouds against unauthorized access, including secure authentication methods, encryption, access control lists, intrusion detection systems, firewalls, etc.
- 5 years of experience in Knowledge and understanding of multi-cloud security architectures covering infrastructure, information security tools, cloud-based application security and other cloud-based technology and infrastructure architectures.
- 5 years of experience in leading the implementation of complex projects and initiatives that have agency-wide scope
- 5 years of experience in consulting and engineering in the development and design of security best practices and implementation of solid security principles across the organization, to meet business goals along with customer and regulatory requirements.
- 5 years of experience in Proven expertise in security considerations of cloud computing; which includes data breaches, broken authentication, hacking, account hijacking, malicious insiders, third parties, APTs, data loss and DoS attacks.
- 5 years of experience in analyzing threats to an organization's security and designing solutions to mitigate those threats.
- 5 years of experience in working with relevant National Institute of Standards and Technology (NIST) standards
- 5 years of experience in working with ISO27001 - specifications for a framework of policies and procedures that include all legal, physical and technical controls involved in an organization's risk management.
- 5 years of experience in delivering/managing Identity and access management (IAM) solutions - the framework of security policies and technologies that limit and track the access of those in an organization to sensitive technology resources.
- 5 years of experience in working with security management tools (e.g., vulnerability scanners, file integrity monitoring, configuration monitoring, etc.) and perimeter technologies (e.g., router, firewalls, web proxies and intrusion prevention, etc.).
- 5 years of experience in Knowledge of configuration management, change control/problem management integration, risk assessment and acceptance, exception management and security baselines (e.g. CIS Baselines, NIST, vendor security technical implementation guides, etc.).
- 5 years of experience in designing and developing security architectures that align with an organization's strategic goals. Creation of architectural artifacts for key technology initiatives.
- 5 years of experience in Strong awareness of networking and internet protocols, including TCP/IP, DNS, SMTP, HTTP and distributed networks
- 5 years of experience in Conducting forensic investigations on cyberattacks to determine how they occurred and how they can be prevented in the future.
- 5 years of experience in Knowledge of web services, API, REST and RPC.
- 5 years of experience in Ability to resolve complex security issues in diverse and decentralized environments; to learn, communicate, and teach new information and security technologies; and to communicate effectively
- 5 years of experience in Excellent communication and organizational skills, and the ability to stay focused on meeting goals within a busy workspace. Extensive skill in effective verbal and written communications with other computer professionals, and stakeholders.
- 5 years of experience in Strong understanding of data protection and familiarity with methods to safeguard against data corruption, compromise, and loss.
- 5 years of experience in Knowledge and experience with penetration testing. Familiarity with various types of ethical hacking such as covert pen tests, internal pen tests, and open-box pen tests.
- 5 years of experience in security auditing and the development of audit criteria. Help oversee continued compliance once security measures are in place.
- 5 years of experience in Knowledge and understanding of threat analysis and assessment of potential and current information security risk/threats.
- 5 years of experience in creating/reviewing/updating security policies and standards for the public/private/hybrid cloud contexts.
- 5 years of experience in Knowledge of software development life cycle methodologies
- 5 years of experience in Ability to establish and always maintain effective and professional working relationships with others in the course and scope of conducting business.

Preferred Skills:

- 5 years of experience in educating employees about the importance of data security and best practices for protecting sensitive information
- 5 years of experience with Endpoint Detection and Response (i.e. EndGame, Crowdstrike, CyberReason). Detect and respond to alerts from end point detection response tools
- 5 years of experience with Email Threat Management (i.e. Proofpoint, MimeCast, Microsoft)
- 5 years of experience with Zypher Scale preferred
- 5 years of experience with SIEM engineering design/management/analysts (i.e. Splunk, Rapid7, SumoLogic)
- 5 years of experience with Data Loss Protection/Cloud Access Security Brokers (i.e. Symantec, Microsoft, Bitglass, Netskope)
- 5 years of experience with Cloud Enterprise Network Security (i.e. Cisco Umbrella, Palo Alto, ZScaler)
- 4 years of experience in Graduation from accredited four-year college/university with major coursework in information technology security, computer information systems, computer science, management information systems, or a related field is generally preferred.
- 1 year of experience in GSEC, CEH, CISA, CCSP certifications desired
- 1 year of experience in Ability to obtain required certification within 6 months and maintain approved baseline certification for position (i.e. CISSP-ISSAP or equivalent)
- 1 year of experience in Certification as an AWS Solutions Architect, Cloud Security Certification, and/or OpenStack Administrator Certification a plus. (Other cloud-related certification also a plus)
- 1 year of experience in Ability to influence and build relationships with LOB stakeholders, technology CIO leadership, external service providers, and architecture teams
- 1 year of experience in Ability to delegate duties and coordinate with fellow team members, displaying active listening, enthusiasm, and empathy