IT Security Architect 2

Interview Process: Interviews will be held in person. Candidates must be available for an in-person interview.

Remote or On-site: Candidates MUST be local. Will need to be onsite starting day 1 for hybrid work schedule onsite 2 days per week. NO REMOTE ONLY OPTION.

Security Architect 2

·      5+ years of experience with cybersecurity related job functions. 

·      Preferred: Bachelor’s Degree in cybersecurity or related field is highly preferred, Cybersecurity certifications are a plus

·      Strong knowledge and understanding of information technology systems and services to include:

            Virtualization

            Containerization (Docker)

            Cloud Hosting Operations and Technologies

               IaaS, PaaS, SaaS

Windows Workstations/Servers Functionalities

                    Linux Server Functionalities

                    Identification and Authentication processes and technologies (SSO/Reverse Proxies)

                    Encryption and Cryptography

                    Disaster Recovery and Business Continuity processes

                    Computer Networking

·       In-depth knowledge and understanding of compliance practices and methodologies, including risk assessment, monitoring, surveillance, and testing activities.

·       Desire to work in a collaborative environment, develop and drive strategic direction contribute day-to-day on implementing tactical solutions.

·       Strong knowledge and understanding of compliance regulations and their related frameworks, such as:

                  NIST SP800-53 Rev 4 & 5

                  Criminal Justice Information Services (CJIS) Security Policy. Version 5.9

                      The Privacy Act of 1974

                  The Health Insurance Portability and Accountability Act of 1996 (HIPAA)

                  The Family Educational Rights and Privacy Act (FERPA)

·      Willingness to serve as a risk management expert providing meaningful input to ensure risk drivers are appropriately considered, assessed, and prioritized.

·      Evaluate the appropriateness of the audit response to changes in risk ratings.

·      Expertise in the risk and controls questionnaire-based risk identification, control evaluation, testing, sampling methodologies, technology controls, audit engagement processes, controls substantiation.

·      General knowledge of the Secure Application Development Lifecycle (SADLC) and the Software Development Lifecycle (SDLC) processes and practices.

·      Excellent analytical and problem-solving skills

·      Self-motivated with strong attention to detail

·      Excellent verbal and written communication skills.

·      Experience with Criminal Justice Information systems is desired.

·      Experience leading cyber security initiatives and projects.

Requirements

·      5+ years of experience with cybersecurity related job functions. 

·      Preferred: Bachelor’s Degree in cybersecurity or related field is highly preferred, Cybersecurity certifications are a plus

·      Strong knowledge and understanding of information technology systems and services to include:

            Virtualization

            Containerization (Docker)

            Cloud Hosting Operations and Technologies

               IaaS, PaaS, SaaS

Windows Workstations/Servers Functionalities

                    Linux Server Functionalities

                    Identification and Authentication processes and technologies (SSO/Reverse Proxies)

                    Encryption and Cryptography

                    Disaster Recovery and Business Continuity processes

                    Computer Networking

·       In-depth knowledge and understanding of compliance practices and methodologies, including risk assessment, monitoring, surveillance, and testing activities.

·       Desire to work in a collaborative environment, develop and drive strategic direction contribute day-to-day on implementing tactical solutions.

·       Strong knowledge and understanding of compliance regulations and their related frameworks, such as:

                  NIST SP800-53 Rev 4 & 5

                  Criminal Justice Information Services (CJIS) Security Policy. Version 5.9

                      The Privacy Act of 1974

                  The Health Insurance Portability and Accountability Act of 1996 (HIPAA)

                  The Family Educational Rights and Privacy Act (FERPA)

·      Willingness to serve as a risk management expert providing meaningful input to ensure risk drivers are appropriately considered, assessed, and prioritized.

·      Evaluate the appropriateness of the audit response to changes in risk ratings.

·      Expertise in the risk and controls questionnaire-based risk identification, control evaluation, testing, sampling methodologies, technology controls, audit engagement processes, controls substantiation.

·      General knowledge of the Secure Application Development Lifecycle (SADLC) and the Software Development Lifecycle (SDLC) processes and practices.

·      Excellent analytical and problem-solving skills

·      Self-motivated with strong attention to detail

·      Excellent verbal and written communication skills.

·      Experience with Criminal Justice Information systems is desired.

·      Experience leading cyber security initiatives and projects.