TCI has an immediate need for a remote
Information Security Architect. This is not a C2C opportunity . This is a long-term contract opportunity with probable extensions and possible hire.
NOTE: This position requires US Citizenship.RESPONSIBILITIES - Analyze the current state of the security program and design future states, creating a roadmap for implementation.
- Develop a business case and key performance indicators (KPIs) and socialize the security program within the Division.
- Assess, manage, and improve security policies and procedures to align with industry best practices and organizational objectives.
- Advise on security decisions and direction based on the Division's vision and mission.
- Collaborate with other Division Architects and the Security Operations Manager to develop global security strategies based on industry best practices.
- Advise on security decisions and direction based on a deep understanding of the Division's vision and mission.
- Develop and maintain a security architecture process aligned with business and technology drivers.
- Create security strategy plans and roadmaps based on enterprise architecture practices.
- Draft security procedures and standards for executive management approval or authorization by the Client.
- Determine baseline security configuration standards for operating systems, network segmentation, and identity and access management.
- Perform risk assessments, advise on risk response strategies, and identify security issues from system integration.
- Conduct or facilitate threat modeling of services and applications to mitigate associated risks.
- Coordinate with DevOps teams to advocate secure coding practices and escalate concerns about poor coding practices.
- Liaise with privacy and compliance officers to document data flows of sensitive information and recommend appropriate controls.
- Support internal security controls testing and validation as directed by the Client or internal audit team.
- Review security technologies, tools, and services and recommend their use based on security metrics.
- Evaluate, select, and implement security technologies, tools, and solutions to enhance the organization's security posture.
- Configure and deploy security infrastructure components such as firewalls, intrusion detection/prevention systems, endpoint protection, encryption, and authentication mechanisms.
- Develop incident response plans and procedures to mitigate security incidents effectively.
- Conduct post-incident analysis and forensic investigations to identify root causes and prevent future occurrences.
- Develop and deliver security awareness training programs to educate employees on security risks and best practices.
- Provide ongoing support and guidance to staff regarding security-related inquiries and concerns.
REQUIREMENTS - Bachelor's degree in computer science, Information Security, or related field; advanced degree preferred.
- Proven experience (5+ years) in information security architecture, design, and implementation.
- one or more of the following certifications are a plus: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information System Auditor (CISA), or other relevant certifications preferred.
- Understanding information security regulations, including the Federal Information Security Management Act (FISMA), Federal Risk and Authorization Management Program (FedRAMP), ISO 27001, COBIT NIST, and ITIL.
- Experience with Government agencies, particularly the Department of Defense (DoD), on information security matters. Experience with Government Classified systems and the associated security requirements.
- Proficiency in Microsoft Office Suite (Word, Excel, Outlook, etc.)
- Excellent documentation and communication skills.
- This position requires US Citizenship.
- Remote opportunity for candidates located in EST time zone.