Navy Mutual Aid Association
Security Architect
Navy Mutual Aid Association, Arlington, Virginia, United States, 22201
Are you looking for a company that offers excellent opportunities combined with a worthwhile mission? Navy Mutual is that company and we are looking for talented people to join our team!What will you be doing?Develops and maintains a security architecture process that enables the enterprise to develop and implement security solutions and capabilities that are clearly aligned with business, technology and threat drivers.Works cooperatively with all staff to meet the business and customer needs of Navy Mutual, while managing processes and methods for auditing and addressing information security standards; and facilitates migration of non-compliant environments to compliant environments.Informs and conducts security audits within and outside the organization, to ensure compliance with standards and currency with industry security norms.Manages and participates in the planning and implementation of security administration for all IT projects; and makes recommendations and assists in the implementation of changes to work methods and procedures to make them more effective or to strengthen security measures.Develops security strategy plans and roadmaps based on sound enterprise architecture practices.Develops and maintains security architecture artifacts (e.g., models, templates, standards and procedures) that can be used to leverage security capabilities in projects and operations.Determines baseline security configuration standards for operating systems (e.g., OS hardening), network segmentation and identity and access management (IAM).Participate in the design and execution of the back-up disaster recovery systems, and contingency operations; and participates in systems back-up regimen as needed.Create and maintain a security training program, and perform regular security awareness training for all employees, to educate and ensure compliance with the organization’s security policies, standards, and procedures.Responsible for maintaining project software and documentation inventory and configuration baselines.Establishes and maintains all CM processes and procedures; including library and software development information, impact assessments, incident reports, and software change notices, etc.; on a continuous basis.Identifies and implements processes to strengthen, streamline and automate build processes; and serve as an advocate for best practices to drive the development and maintenance of build automation tools.Maintain operational configurations of all in-place solutions as per the established baseline control efforts, using automated CM tools.Responsible for change management controls and reporting/documentation.Manage relationships with contractors and vendors as needed.Establishes a taxonomy of indicators of compromise (IOCs) and share this detail with other security colleagues, including the security operations center (SOC), information security managers and analysts, as well as counterparts within the network operations center (NOC).Other duties as assigned.Qualifications:Computer Science or related Bachelor’s degree and 5-10 years of relevant experience required.Advanced technical training and experience with auditing and maintaining security of systems and information is required.Experience in using architecture methodologies such as SABSA, Zachman and/or TOGAF.Direct, hands-on experience or strong working knowledge of managing security infrastructure — e.g., firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), endpoint protection, SIEM and log management technology.Verifiable experience reviewing application code for security vulnerabilities.Experience securing CI/CD pipelines.Direct, hands-on experience or a strong working knowledge of vulnerability management tools.Documented experience and a strong working knowledge of the methodologies to conduct threat-modeling exercises on new applications and services.Experience designing the deployment of applications and infrastructure into public cloud services.Full-stack knowledge of IT infrastructure:ApplicationsDatabasesOperating systems — Windows and LinuxIP networks — WAN and LANStorage networks — Fibre Channel, iSCSI and NASBackup networks and mediaDirect experience designing IAM technologies and services:Active DirectoryLightweight Directory Access Protocol (LDAP)Amazon Web Service (AWS) IAMStrong working knowledge of IT service management (e.g., ITIL-related disciplines):Change managementConfiguration managementAsset managementIncident managementProblem managementRegulations, Standards and Frameworks Knowledge:Payment Card Industry Data Security Standard (PCI-DSS)General Data Protection Regulation (GDPR)Privacy PracticesISO 27001/2NIST Cybersecurity Framework (CSF)Required Certifications:The security architect will evidence his/her knowledge of security and risk management through ongoing continuing professional education.Business-Related Skills:The security architect is expected to contribute his or her insights to colleagues in the security team and the CISO, as well as colleagues within internal audit, risk management and other line-of-business teams. To ensure that security-related matters are adequately conveyed, the following skills are required:Strategic planning skills:
The security architect must interpret business, technology and threat drivers, and develop practical security roadmaps to deal with these drivers.Communication skills:
The security architect will be required to translate complex security-related matters into business terms that are readily understood by colleagues. The security architect should anticipate presenting analyses in person and in written formats.Financial analysis:
As part of the due diligence of security technologies, the security architect will be expected to evaluate the financial costs of recommended technologies. Specifically, the security architect will need to quantify purchasing and licensing options, estimate labor costs for a given service or technology, and estimate the total cost of operation (TCO), the ROI, or the payback period for services or technologies replacing existing capabilities.Project management:
Security services and technology implementations will require solid project management skills. The security architect will be expected to draft project plans for security service and technology deployments and coordinate with stakeholders across the organization.
#J-18808-Ljbffr
The security architect must interpret business, technology and threat drivers, and develop practical security roadmaps to deal with these drivers.Communication skills:
The security architect will be required to translate complex security-related matters into business terms that are readily understood by colleagues. The security architect should anticipate presenting analyses in person and in written formats.Financial analysis:
As part of the due diligence of security technologies, the security architect will be expected to evaluate the financial costs of recommended technologies. Specifically, the security architect will need to quantify purchasing and licensing options, estimate labor costs for a given service or technology, and estimate the total cost of operation (TCO), the ROI, or the payback period for services or technologies replacing existing capabilities.Project management:
Security services and technology implementations will require solid project management skills. The security architect will be expected to draft project plans for security service and technology deployments and coordinate with stakeholders across the organization.
#J-18808-Ljbffr