Job Description :
Job Title: Senior Security Architect
Interview: Prefer in-person, but can do phone, Skype, or WebEx
Location: Bethesda, MD
Duration: 6 months with possibility of an extension or conversion
Job Description:
Education
BA/BS degree in Computer Science, Information Systems, Cyber Security or a related technical field. Master’s Degree is a plus.
Minimum Experience
10+ years of IT experience, preferably in the financial services industry
6-8 years’ experience working in an enterprise architecture, information security, and information technology or information risk management related field.
Minimum 4 years’ experience in the specification of enterprise Information Security Architectures with an understanding of infrastructure and application security requirements and architecture. An understanding of IaaS and SaaS based risks and required security controls is essential.
Specialized Knowledge & Skills
Experience with AWS IaaS, AWS security, AWS APIs, AWS automation as part of the DevOps lifecycle is desirable.
Demonstrated experience in defining security architecture solutions for large, mission critical systems comprised of cloud-based infrastructure, enterprise messaging bus and web service based applications.
Experience of participating in the SDLC Agile process is desirable.
Demonstrated understanding of information security policies, standards, industry best practices, and frameworks. (ISO 27K, NIST 800-53, FISMA, BITS etc
Demonstrated experience with Windows, Linux, Red Hat, etc. hosts, operating systems and applications in a virtualized environment using modern hardening standards (DISA STIG, CIS, USGCB etc.
Familiarity with security aspects of databases and middleware including MS SQL, Oracle, Tibco EMS.
Demonstrated understanding of network security, OSI model, and information security architecture.
Excellent interpersonal skills, presentation skills, and verbal / written communication skills
Self-starter; adaptable to change; motivated to set personal and program goals and proactively track performance against goals and initiatives
Ability to influence peers and management; ability to team cross-functionally and form relationships to achieve objectives
CISSP and/or CISM Certification preferred
Active in the security industry; equipped with external networking relationships to maintain relevant knowledge of best practices, tactics, strategies and technologies
Notes from a manager call:
Looking to supplement core capabilities within the architecture team. Need a senior engineer who can look at developing solutions around the needs to of the business. Would like this person to be well versed in infrastructure and application so they are aware of all controls. Should be able to bridge gap between needs of business and controls.
An architect with a background in engineering is a perfect fit for this.
Each unit has their own solutions – this person will make sure that there are controls around those solutions.
Tools & Technologies: primarily use AWS for application right now, use a lot of AWS services, but mainly treated like a data center. This person should have AWS experience .
Each unit has their own solutions – this person will make sure that there are controls around those solutions.
Years of experience don’t matter when it comes to AWS experience; more so about how much hands on experience they have.
Freddie/Fannie experience is a plus. Financial or federal background is preferred.
Team: responsible for architectural engineering. Responsible for architecture review board.