CISSP and CEH Security Architect (TS10120933)

  • ICconx Sourcing Services
  • Westminster, CO, USA
  • 10/12/2018
Top Secret SSBI SCI Cybersecurity IT / Telecom Science / Technology Development Security Management / People Info Campus

Job Description

Security Architect supporting an Intel/Space client in the Greater Denver Area.

Clearance Level: Must be a U.S. Citizen with a Top Secret with SCI security clearance. 

Location: Westminster, CO

Certification Requirement: CISSP and CEH required

Strongly Desired: Knowledge of IC space programs.

JOB SUMMARY: Security Architect provides security engineering, technical leadership and execution ownership throughout a program for client’s in the Intelligence/Space realm.

The Security Architect gathers and manages customer requirements as part of collaboration with market facing team members

  • Leads and collaborates closely with Enterprise Architectures, Domain Architects and Systems Engineers to ensure alignment of customer requirements with development and implementation plans
  • Collaborates closely with functional leads (Domain architects, product owners, subject matter experts) to define work plans and dependencies, responsible for outcome verification, and optimized transition to Operations
  • Keeps end-user/operator apprised of solution and progress. This role is heavily software based - and business-value focused.
  • Manages the development, documentation, implementation, and communication of customer-facing and enterprise-wide information security strategies, practices and policies.
  • Leads and/or manages multi-disciplinary team reviews of existing architecture, identify security architecture and design gaps, and recommend and drive required security enhancements.
  • Leads and/or manages multi-disciplinary team reviews of new products, business applications, and/or vendors to identify security design gaps to evaluate appropriate security capabilities, assessing their risk and their value in support of a customer-facing program, corporate goals and overall security strategy.
  • Conducts individual, independent security reviews of vendor proposals, review security architectures and recommend modifications to the information security operation to evaluate risk reduce costs or improve service.
  • Serves as information security subject matter expert, trusted advisor/inside information security consultant; provide advisory and consulting services as needed to various department and project teams
  • Meets with project teams and other system architects to develop system designs and project plans that include the appropriate security controls and meet security standards
  • Understands current as well as emerging security threats and design security architecture to mitigate threats where possible.
  • Stays abreast of new information systems and security technologies and integrate into security architecture design when appropriate.
  • Manages multi-disciplinary incident response team in response to current or potential threats, incidents.
  • Leads and/or participate in security risk assessments using a NIST and RMF based risk methodology; Maintain a thorough understanding of NIST 800-53 controls, and determine which controls are applicable to the system applications, as well as document implementation in Security Controls Tractability Matrix (SCTM).
  • Prepares specific security status reports by developing, collecting, analyzing, and summarizing security related data and trends.
  • Presents specific security status reports to various levels of management, including Senior Management Team
  • Identifies and develops regular and emergency security-related communications as needed.
  • Promotes security and risk related campaigns for information security awareness among all staff.

RELEVANT EDUCATION AND EXPERIENCE:

  • BS in Computer Science, I am lettinInformation Technology, Computer Science, Information Assurance or related technical field is required or equivalent works experience
  • 5-7 years of security experience and Cross Domain knowledge.
  • Experience with ICD 503.
  • Experience in a Security Analyst, Security Engineer or Security Architect role is required.
  • Experience in business/industry (beyond IT).
  • Experience managing cross-functional teams or projects, and influencing senior-level management and key stakeholders desired.
  • Previous experience working as a security professional in a Secret or TS/SCI environment.
  • Must have a strong understanding of network architecture, firewalls, Intrusion Detection Systems, web filtering, audit and log management, physical security control systems, real-time systems, and common operating systems.
  • Must have a strong knowledge cyber security theory and practice as promoted by numerous security standards and certification entities.
  • Must have a strong understanding of advanced technical security topics such as Security Essentials; Auditing and monitoring networks, systems, and users; forensics, malware analysis; and security incident response.
  • Experience in a converged cyber and Physical Security department desired.
  • Experience managing cross-functional teams or projects, and influencing senior-level management and key stakeholders desired.
  • Background in GIS, manufacturing, spacecraft command and control, ground systems infrastructure, or analytics are a plus.
  • Familiarity with software development practices and various methodologies (Scaled Agile Framework preferred: SAFe, and Waterfall experience is beneficial as well).
  • Familiarity conducting vulnerability scans.
  • Must be highly motivated with good interpersonal skills and excellent technical skills
  • Ability to work in a fast-paced environment
  • Proficiency in Microsoft Office Suite
  • Ability to read, write and speak English