Senior Security Architect
Bethesda, Maryland 20814
Kavaliro is looking for an experienced and knowledgeable Senior Security Architect for our direct client in Bethesda, MD. The Senior Security Architect will have extensive application and infrastructure security architecture experience, including cloud-based environments. The role includes the opportunity to build, from the ground up, a security architecture around a cloud-based datacenter for critical financial services infrastructure.
The role involves working with advanced IaaS, PaaS and SaaS based architectures and designing controls to mitigate the associated risks. This individual will be working in a high-performing technical environment. A well-qualified candidate will be comfortable working both in hands-on engineering and at the architecture/design level of a solution.
The position provides an opportunity to participate in an energetic and fast-paced environment using the latest in technology and tools to build and secure an advanced financial services processing platform running in a virtual cloud-based datacenter.
Key Job Functions
The senior security architect is responsible for the security architecture and design of the infrastructure, business applications and tools. This will require working closely with information technology teams (infrastructure engineering, infrastructure operations and application development and operations) and business stakeholders to understand goals, determine security requirements, design, and implement a secure infrastructure to meet business objectives, IT strategic initiatives, corporate and regulatory requirements.
• Integrate large scale distributed financial services application leveraging IaaS based infrastructure with the required security controls.
• Identify the protection needs (i.e., security requirements and controls) for the information system(s) and network(s), document requirements and drive implementation through collaboration with developers and infrastructure engineers
• Coordinate with systems architects and developers to provide guidance in the development and integration of secure cloud-based designs leveraging a combination of native IaaS capabilities and additional products where requirements dictate.
• Perform security reviews, identify gaps in security architecture, and develop a security risk management plan
• Provide input to the Risk Management Framework process activities and related documentation (e.g., system life-cycle support plans, concept of operations, operational procedures, and maintenance training materials)
• Specify product requirements gathering, manage vendor relationships and perform POCs of selected products, obtaining management buy-in for products that meet business needs.
• Specify solutions that address authentication, authorization, logging of critical security related events, administration (provisioning of access rights, recertification of access rights), confidentiality (both at rest and in transit), integrity, and availability.
• Build effective relationships with key stakeholders who own and support IT architecture, infrastructure, applications, processes and operations throughout.
• Stay current with developing technologies and the emerging threat landscape, and predict the impact of changing technologies.
• BA/BS degree in Computer Science, Information Systems, Cyber Security or a related technical field. Master’s Degree is a plus.
• 10+ years of IT experience, preferably in the financial services industry
• 6-8 years’ experience working in an enterprise architecture, information security, and information technology or information risk management related field.
• Minimum 4 years’ experience in the specification of enterprise Information Security Architectures with an understanding of infrastructure and application security requirements and architecture. An understanding of IaaS and SaaS based risks and required security controls is essential.
Specialized Knowledge & Skills
• Experience with AWS IaaS, AWS security, AWS APIs, AWS automation as part of the DevOps lifecycle is desirable.
• Demonstrated experience in defining security architecture solutions for large, mission critical systems comprised of cloud-based infrastructure, enterprise messaging bus and web service based applications.
• Experience of participating in the SDLC Agile process is desirable.
• Demonstrated understanding of information security policies, standards, industry best practices, and frameworks. (ISO 27K, NIST 800-53, FISMA, BITS etc.)
• Demonstrated experience with Windows, Linux, Red Hat, etc. hosts, operating systems and applications in a virtualized environment using modern hardening standards (DISA STIG, CIS, USGCB etc.).
• Familiarity with security aspects of databases and middleware including MS SQL, Oracle, Tibco EMS.
• Demonstrated understanding of network security, OSI model, and information security architecture.
• Excellent interpersonal skills, presentation skills, and verbal / written communication skills
• Self-starter; adaptable to change; motivated to set personal and program goals and proactively track performance against goals and initiatives
• Ability to influence peers and management; ability to team cross-functionally and form relationships to achieve objectives
• CISSP and/or CISM Certification preferred
• Active in the security industry; equipped with external networking relationships to maintain relevant knowledge of best practices, tactics, strategies and technologies