Zermount, Inc.
Security Architect
Zermount, Inc., Virginia, Minnesota, United States, 55792
SENIOR SECURITY ARCHITECT
MILITARY FRIENDLY & PREFERRED - HOH SPONSOR
Summary:
We are looking for a highly talented, technical hands-on Senior Security Architect located in the Washington, DC metro area to help accelerate our Security Program for a client in the Government Sector. You will use your exceptional security knowledge and hands-on security tooling and systems administration skills to help support our customer with developing, reviewing, and modernizing highly secure and compliant computing architectures and implementations.
Duties and Responsibilities:
Lead a team of Security Architects and Security Engineers.
Security Architecture: Develop and Recommend Security Architecture and Standards for both cloud and on-prem environments. Review and update diagrams of security tools and traffic flow within environment and make recommendations for enhancements.
Cybersecurity Operations: Improve Cloud monitoring, detection, and response; Improve Security Operations (SOC) operations; Review existing security tools in environment for gaps and/or overlaps and make recommendations for improvements.
Privacy & Continuous Monitoring: Improve Vulnerability Assessment program; Integrate security scanning in Cloud Pipeline; Improve Cloud and on-prem vulnerability coverage and scanning.
Cybersecurity Authorizations and Compliance: Reduce time to ATO through continuous ATO; Improve Cloud Compliance.
Addressing critical software; and Developing secure Cloud adoption.
Develop, and integrate with other Cybersecurity workflow to include: ATO Intake, assessment, and Vulnerability Scanning process.
Integrate with Enterprise Architecture (EA) review process.
Perform security reviews based on RMF controls compliance, clients, and security best practices.
Develop security architectural patterns to enable faster ATO or assessment process by creating architectural designs that already meet compliance controls.
Provide security architecture input for DevSecOps security strategy and roadmap including application and infrastructure vulnerability scanning, automated assessments, and security controls.
Performs architecture design reviews including configuration and log reviews and perform network traffic analysis.
Produces a SAR Report to include HVAs architecture strengths and findings.
Qualifications
Required Skills:
High level of attention to detail, needs minimal guidance, effective verbal, and written communications.
Equally adept at strategic planning and operational/technical level.
Able to adapt to new and changing requirements or priorities and manage work and resources accordingly.
At least 5 years (preferred 10 years) of network, systems, applications:
LAN/WAN, WAF/CDN/DDOS, Network Firewalls, IDS/IPS.
Virtualization, hypervisor security, container security.
Application development, serverless security, microservices, CICD.
At least 3 years of designing and/or implementing security in Cloud (AWS required, Azure or GCP optional):
Multi-Cloud, Hybrid Cloud, IaaS, PaaS, SaaS, shared responsibility model.
AWS IAM, KMS, S3, RDS, SNS/SQS, Organization, Guard Duty, Security Hub, Detective, Config, CloudTrail, CloudWatch, Lambda.
Azure E3/E5, Active Directory, Blob, Azure Security Center, Key Vault, SSE, Monitor, Log Analytics, Policy.
Experience with DevSecOps strategy and implementation and designing architecture in accordance with RMF, CSF, FISMA, and Fedramp.
Familiarity with: ZTNA and SASE Framework, ICAM (OKTA), CWPP, SOC Operations, Vulnerability Threat Management, and Compliance.
At least 2 years working in or managing Agile DevOps, Scrum, Kanban.
Cloud architecture.
Architecture experience.
Networking experience.
Network Security/Cyber Security experience.
Education:
Candidate must have a Bachelor of Science (or higher) in one of the following: computer engineering, computer science, information technology, or cyber security. The resume may reference another major, so long as the resume is clear that the degree addressed at a minimum one of the following: cyber security engineering, systems administration, information systems security, software development security, systems engineering, information systems or information technology.
Certifications:
Certifications to include one or more of the following:
Certified Information Systems Security Professional (CISSP)
Certified Cloud Security Professional
AWS Certified Solutions Architect Associate
AWS Certified Security Specialist
Microsoft Azure Solutions Architect
Google Professional Cloud Architect
Clearance:
United States Patent and Trademark Office. Specific Minimum Background Investigation (MBI) will be conducted.
Work Location:
Remote (Initial onboarding in Arlington, VA). Minimal travel to the Washington, D.C. Metro Area may be required if requested by the client.
#J-18808-Ljbffr
MILITARY FRIENDLY & PREFERRED - HOH SPONSOR
Summary:
We are looking for a highly talented, technical hands-on Senior Security Architect located in the Washington, DC metro area to help accelerate our Security Program for a client in the Government Sector. You will use your exceptional security knowledge and hands-on security tooling and systems administration skills to help support our customer with developing, reviewing, and modernizing highly secure and compliant computing architectures and implementations.
Duties and Responsibilities:
Lead a team of Security Architects and Security Engineers.
Security Architecture: Develop and Recommend Security Architecture and Standards for both cloud and on-prem environments. Review and update diagrams of security tools and traffic flow within environment and make recommendations for enhancements.
Cybersecurity Operations: Improve Cloud monitoring, detection, and response; Improve Security Operations (SOC) operations; Review existing security tools in environment for gaps and/or overlaps and make recommendations for improvements.
Privacy & Continuous Monitoring: Improve Vulnerability Assessment program; Integrate security scanning in Cloud Pipeline; Improve Cloud and on-prem vulnerability coverage and scanning.
Cybersecurity Authorizations and Compliance: Reduce time to ATO through continuous ATO; Improve Cloud Compliance.
Addressing critical software; and Developing secure Cloud adoption.
Develop, and integrate with other Cybersecurity workflow to include: ATO Intake, assessment, and Vulnerability Scanning process.
Integrate with Enterprise Architecture (EA) review process.
Perform security reviews based on RMF controls compliance, clients, and security best practices.
Develop security architectural patterns to enable faster ATO or assessment process by creating architectural designs that already meet compliance controls.
Provide security architecture input for DevSecOps security strategy and roadmap including application and infrastructure vulnerability scanning, automated assessments, and security controls.
Performs architecture design reviews including configuration and log reviews and perform network traffic analysis.
Produces a SAR Report to include HVAs architecture strengths and findings.
Qualifications
Required Skills:
High level of attention to detail, needs minimal guidance, effective verbal, and written communications.
Equally adept at strategic planning and operational/technical level.
Able to adapt to new and changing requirements or priorities and manage work and resources accordingly.
At least 5 years (preferred 10 years) of network, systems, applications:
LAN/WAN, WAF/CDN/DDOS, Network Firewalls, IDS/IPS.
Virtualization, hypervisor security, container security.
Application development, serverless security, microservices, CICD.
At least 3 years of designing and/or implementing security in Cloud (AWS required, Azure or GCP optional):
Multi-Cloud, Hybrid Cloud, IaaS, PaaS, SaaS, shared responsibility model.
AWS IAM, KMS, S3, RDS, SNS/SQS, Organization, Guard Duty, Security Hub, Detective, Config, CloudTrail, CloudWatch, Lambda.
Azure E3/E5, Active Directory, Blob, Azure Security Center, Key Vault, SSE, Monitor, Log Analytics, Policy.
Experience with DevSecOps strategy and implementation and designing architecture in accordance with RMF, CSF, FISMA, and Fedramp.
Familiarity with: ZTNA and SASE Framework, ICAM (OKTA), CWPP, SOC Operations, Vulnerability Threat Management, and Compliance.
At least 2 years working in or managing Agile DevOps, Scrum, Kanban.
Cloud architecture.
Architecture experience.
Networking experience.
Network Security/Cyber Security experience.
Education:
Candidate must have a Bachelor of Science (or higher) in one of the following: computer engineering, computer science, information technology, or cyber security. The resume may reference another major, so long as the resume is clear that the degree addressed at a minimum one of the following: cyber security engineering, systems administration, information systems security, software development security, systems engineering, information systems or information technology.
Certifications:
Certifications to include one or more of the following:
Certified Information Systems Security Professional (CISSP)
Certified Cloud Security Professional
AWS Certified Solutions Architect Associate
AWS Certified Security Specialist
Microsoft Azure Solutions Architect
Google Professional Cloud Architect
Clearance:
United States Patent and Trademark Office. Specific Minimum Background Investigation (MBI) will be conducted.
Work Location:
Remote (Initial onboarding in Arlington, VA). Minimal travel to the Washington, D.C. Metro Area may be required if requested by the client.
#J-18808-Ljbffr