IT Security Architect

Type of Experience:

• B.A. or B.S. degree or equivalent experience.
• Minimum 7 years of experience working as a Security Architect in a mid to large size IT environment and delivering technical security solutions for the enterprise.
• Experience providing IT security support to government clientel is preferred.

• Solid understanding of security protocols, cryptography, authentication, authorization and security
• Good working knowledge of current IT risks and experience implementing security solutions
• Experience implementing multi-factor authentication, single sign-on, identity management or related technologies
• Working knowledge and experience implementing zero trust architecture across both custom developed and cloud-based systems
• Ability to interact with a broad cross-section of personnel to explain and enforce security measures
• Excellent written and verbal communication skills as well as business acumen and a commercial outlook

• Assessment of the current state of Zero Trust Architecture implemented across all systems.
• Plan/roadmap defining best path forward to implement Zero Trust Architecture across all systems along with updates at least quarterly.
• Assessment of the current state of implementation of multi-factor authentication ("MFA") across all systems
• Plan/roadmap or assessment defining the best path forward for the continued implementation of multi-factor authentication ("MFA") across all systems along with updates at least quarterly.
• Enterprise definition of encryption at-rest and in-transit based on understanding of enterprise technology
• Implementation Assessment and inventory of the current state of encryption at-rest and in-transit for all systems and associated data.
• Plan/roadmap defining how and when all systems will implement encryption at-rest and in-transit if not already implemented along with updates at least quarterly.
• Support in continually improving the IT Security's incident detection and response posture by providing recommendations on how to improve processes and toolsets
• Support the implementation of a Supply Chain Risk Management program by recommending processes improvements, i.e. SDLC updates, and appropriate toolsets.
• Assess current development methodologies adherence to security compliance and make recommendations/policies to ensuresecurity compliance is incorporated rigidly into the SDLC process.
• Validate and/or recommend changes to current Security Standards and Implementation / Maintenance Policies and support the effort to ensure that Security Standards are incorporated in all EA and Development Initiatives.
• Contribute to defining a path forward to transition to a 100% Dev/Sec/Ops adoption including developing a recommendation taking into account all facets of Dev/Sec/Ops including technical as well as organizational objectives and challenges.
• Contribute to the maintenance of the EA To-Be Architecture and the associated Roadmap for achieving the EA To-Be Architecture from a Security Architecture perspective taking into account the strategic direction of the Information Security Program.