The Client is seeking a Senior Security Architect to serve the VDOT leadership in the domains of Application, Data and Technology Security through the development of architecture patterns, briefs, reports, and targeted security risk analyses.
Responsibilities:
-
Design/Institutionalize Enterprise Security/technology Patterns
-
Assist teams on initiatives, providing tactical and architectural considerations on legacy solutions
-
Evaluate new implementations while navigating a complex organizational environment with diverse stakeholders to accurately present the scenario, and present sound analyses and recommendations with steps for approval and implementation
-
Manage a body of work independently, leveraging available process documentation, templates, systems and resources.
-
Assist in issue resolution, communicating concerns effectively to the right personnel, operationalizing Security Architecture practices and extending the scope of ITD Governance and Security Architecture.
-
Create and socialize clear, impactful and polished architecture artifacts, such as:
- Standards and guidelines
- Management Briefs
- Security Training
- Updated processes
- Knowledge Base articles
- PowerPoints
- Visio Process Diagrams
- PowerBI Dashboards
- Excel Reports
- Collaborate with Business areas and cross- functional Enterprise Architects to fully understand business needs and provide strategic consultation on data security and risk-averse implementation.
- Perform tasks related to Security Compliance and Control Evaluation, Risk analysis, and exception documentation.
- Support Vulnerability Management by ensuring VM data quality and ingestion for remediation team execution.
- Integrate Security into Architecture Roadmaps by developing artifacts and ensuring other architects' roadmaps contain integral security measures and best practices.
- Research and share findings of architecture governance, controls, and peer review processes and projects with regards to platform technology, security, and cloud.
- Document process diagrams and script narratives/executive summaries.
- Create Business focused documentation for diverse technical audiences.
- Research and provide written guidance on alignment with security policies/standards.
- Partner with architects, other technical team members and to develop roadmaps and strategies to support agency KPIs
Qualifications:
-
State/Industry experience in information security and IT risk management with a focus on security, performance, and reliability.
-
Federal/State compliance and standards alignment experience reviewing proposed changes for programs and projects.
-
Policy Development experience, utilizing, and presentation of information security architecture policies, standards and procedures
-
Monitoring information security compliance experience with information security architecture policies and standards.
-
Information security framework experience like NIST 800 Series, CSF and COBIT.
-
Substantial technical expertise in at least two areas:
-
Cloud technologies
-
Identity and access management (IAM)
-
Vulnerability Management
-
Firewalls
-
Computer Forensic Techniques
-
Databases
-
Collaboration Tools
-
Web and Mail Services
-
Security direction and design inputs experience with information security capabilities, and strategic technology alternatives.
-
Communication and collaboration experience with excellent written and oral communication and presentation skills, and the ability to simplify technical terms and collaborate with diverse personnel.
-
Demonstrated experience working with a broad cross-section of personal including all levels of management and external entities such as VITA consultants and service providers to explain and security measures and collaborate and disseminate security related information in partnership with the Office of Information Security
-
Fast-Paced environment experience with experience acquiring new skills/knowledge to meet customer needs.
-
Customer perspective experience understanding IT customers' priorities and the business criticality of platforms, applications and services.
Skill
Required / Desired
Amount
ofperience
Knowledge and application of security best practices
Required
7
Years
Demonstrated experience creating executive-facing security recommendations
Required
7
Years
Knowledge of IT Governance and Compliance
Required
3
Years
Experience in business writing and presenting
Required
3
Years
Educational or Career Experience in Cybersecurity, Government technology implementation, IT Governance or related field(s).
Required
4
Years
Demonstrate experience in Risk-Based analysis
Required
7
Years
Experience in Process Modeling (Visio)
Required
3
Years
PowerBI Experience in Data Visualization and Reports
Desired
3
Years
SharePoint Organizing, sharing and retrieving resources
Desired
3
Years
IT Security Architect