Job Description :
Title: Security Architect
Location: Columbia, SC
Duration: 12 Months
Job Description
Scope Of The Project:
A strong candidate for this position should possess HANDS-ON experience in the following:
Server and network infrastructure administration
Secure application development and integration
Secure system design and engineering
Strong understanding of authentication, authorization and auditing
Role Summary/Purpose
Technical Knowledge:
HANDS-ON experience with any or all of the following technologies would be considered a desirable for this position:
System/Infrastructure Administration
VMware NSX, HCI, or similar
Secure System Design – Infrastructure hardening and Secure application and Database (SQL, Oracle, NoSQL, etc security, development, deployment and management
DevOPS security integration
System and application security continuous monitoring expertise utilizing tools such as Nessus, Saint, Qualys, etc…
Security Information and Event Management (SIEM) solutions such QRadar, Splunk, etc.
IBM System 390/zSeries
Linux and Windows servers
Identity and Access Management (IAM) solutions
Cloud service and vendor integration
Security Program Experience:
Experience with CMS MARS-E or other FISMA Risk Management Framework (RMF) compliant programs is not required, but may be considered desirable in the event that strong parity in technical skills is identified in multiple candidates.
Experience with development and integration of Security tasks and artifacts into the System/Software Development Life Cycle (SDLC) is ideal.
Experience in security as related to multi-tenant, cloud services and vendor interface management would be desirable for this position.
General Duties and Responsibilities:
Participate in audit and assessment of internal systems as well as business partner/service provider information systems.
Utilize Microsoft Office software suite, eGRC system, Bizagi, Atlassian and other products to document and report on information gathered during Audit and Assessment activities.
Participate in third-party audits and/or assessments of business partner systems
Collaborate with leadership, business partners and other parties/stakeholders to provide recommendations for security and compliance risk mitigation efforts.
Required Education/Certifications:
1. BS degree in computer science or similar discipline. Equivalent experience will be considered for candidates with strong HANDS-ON experience.
2. Security+ or equivalent certification is required
Preferred Education/Certifications:
1. ISC(2), ISACA, SANS GIAC and/or other Information Security Certification.
2. Microsoft, CISCO, VMWare or other similar certifications will be considered a plus
Required Skills (Rank In Order Of Importance):
1. 3+ years of HANDS-ON experience in network design, implementation and support
2. Deep technical knowledge of secure system design principles, security architecture, network and system compliance tools, data protection schemes and access models.
Preferred Skills (Rank In Order Of Importance):
1. Prior experience in working with any eGRC systems.
2. Prior Health Information Technology experience.
3. Strong working knowledge of FISMA, NIST, CMS MARS-E and HIPAA Security and Privacy.