Position Summary: The Senior Cybersecurity Architect is a subject matter expert in next-generation security operations centers (SOC) and advanced cyber security technologies in the Federal sector. The architect is expected to provide thought leadership and guidance across a wide range of technologies at an enterprise level for security architecture, design, engineering, and strategic planning. A successful candidate will have strong analytical, technical and communication skills with specific experience in SOC, security-as-a-service, and creating technology roadmaps. Ideal candidates should know how to secure an enterprise’s architecture by determining security requirements; planning, implementing, and testing security systems; and preparing security standards, policies, and procedures. Efforts will include the design, build, test and deployment of Security Analytics, Security Architecture, Risk and Privacy, and Cloud Security solutions. This is an exciting opportunity to be part of a growing firm with industry experience.
• Serve as the NOAA NCSC cybersecurity technical Subject Matter Expert (SME) to mitigate cyber risks and threats for the enterprise.
• Provide guidance on recommended security systems by specifying intrusion detection methodologies and equipment; directing equipment and software installation and calibration; preparing preventive and reactive measures; creating, transmitting, and maintaining keys; providing technical support; completing documentation.
• Develop security-specific enterprise reference artifacts (e.g., playbook, patterns, blueprints, roadmaps, etc.).
• Participate in the selection decisions of security tools through best practices, industry knowledge, and technical expertise.
• Assist in compliance inspections and reviews and conduct audits as required.
• Direct vision and strategy; champion new security solution initiatives and lead proof-of-concept efforts for the enterprise; and participate in the Architecture Review Board and Security Steering Committee.
• Provide technical engineering expertise to support architectural designs for new software solutions and threat identification to help mitigate security vulnerabilities.
• Develop and deliver consistent automated metrics covering aspects of the security program.
• Provide security guidelines for the organization to protect critical assets and data.
• Provide recommendations to improve cyber threat detection.
• Provide SME consulting to client executives and leaders.
Required Skills and Experience:
• Bachelor's or Master's (preferred) degree in Computer Science, Information Technology, Computer Information Systems, or related field.
• At least ten (10) years of IT experience with seven (7) years concentrated in Cybersecurity, preferably in both military and civilian government agencies.
• Knowledge of modern enterprise and security architectures focused on the federal sector, their challenges, common approaches to overcome their challenges, and their inherent security strengths and weaknesses.
• Technical experience and skills in securing multiple operating systems such as Linux (Red Hat, CentOS and SUSE), MS Windows (all supported desktop and server versions) and virtualization technologies with emphasis on VMware and Hyper-V.
• Knowledge of various security tools (e.g., AV, HIPS, firewalls, VPN, DLP, etc.) with product experience in Intel/McAfee’s ESM (Nitro), DLP and Web Gateway, FortiGuard, ArcSight, Splunk, RSA NetWitness Suite and Archer GRC, LookingGlass, Exabeam, Gigamon, FireEye, IBM AppScan, Fortify and EnCase.
• Knowledge of various networking concepts and devices (e.g., routing, switching, VLANs, etc.) with product experience in Cisco, Juniper, Fortinet and Palo Alto.
• Knowledge of various database security tools with product knowledge in Intel/McAfee DAM, IBM Guardium and FortiDB.
• Knowledge of emerging technologies (e.g., IoT, mobile, cloud, etc.).
• Knowledge of Threat Modeling of complex security systems.
• Expert knowledge of federal security standards and requirements including FISMA, NIST, etc.
• At least two (2) IT related certifications that include CISSP plus any of the 8570 IAT-III or similar CITR-006 SISO compliant certification preferred.
Security Clearance: Secret security clearance is required, and candidates with active Top Secret clearance and SCI eligibility are desired.