Lead Information Security Architect

Software Guidance & Assistance, Inc., (SGA), is searching for a Lead Information Security Architect for a CONTRACT assignment with one of our premier Financial Services clients in San Francisco, CA, Los Angeles, CA or Salt Lake City, UT.

Responsibilities:
Lead and produce system threat models for integration of commercial components into a data lake platform. Help design secure cloud architectures. Propose effective security controls within the environment and identify and mitigate security vulnerabilities. Simplify complex security topics, lead discussion in technical and business teams, communicate risk accurately.

• Secure Cloud Architecture- Designed and implemented secure, scalable AWS cloud architectures- AWS OR GovCloud
• Threat Modeling & Vulnerability Mitigation- system threat modeling initiatives for data lake and application platforms (applying NIST 800-53)
• Data Platform Security (Databricks, Starburst, Collibra, Immuta)- securing modern data ecosystems and applying security controls
• Ability to simplify complex security concepts and lead discussions with tech and business teams
• Evolve and mature our models, templates, standards, and procedures related to secure application development and secure application and cloud architecture. Ensure these artifacts are in alignment with FRS policy and standards.
• Consult with our development teams to help them align with FRS policy and standards and meet the risk appetite of the customer.
• Work with members of application development teams to review and create secure application and infrastructure designs and patterns.
• Assist development teams by reviewing threat models related to applications and related systems. Analyze potential business impact and exposure leading to risk, based on emerging security threats, vulnerabilities, configurations, threat actor TTPs, etc.
• Evaluate CICD pipeline design, and related development team processes and help to mature and secure creation, management, and utilization of pipelines.
• Assist in identification and integration of security focused tooling into development and operations processes.
• Support secure application architecture within the Federal Reserve System by fostering constructive dialogue and seeking resolution when confronted with discordant views.
• Solicit feedback and continuously improve your knowledge, skills and capabilities related to the position.

Required Skills:

• Self-starter, able to readily explore and learn new areas and concepts.
• Knowledge and experience normally acquired through, or equivalent to, the completion of a Computer Science or Computer Engineering Bachelor's degree with a minimum of 5 years of job-related experience.
• Degrees in Computer Science or Engineering and/or relevant technically focused certifications in Cloud and/or enterprise security architecture such as GCAD or GDSA are advantageous
• Able to create AWS secure cloud architecture designs
• Hands on experience with the following:
  • AWS commercial or government cloud
  • Experience securing critical workloads in a cloud environment.
  • Knowledge and experience with Databricks, Starburst, Collibra and Immuta is advantageous.
• Understand current security threats, techniques, and landscape
• System threat modeling of applications and platforms
• Able to identify and provide mitigation for security vulnerabilities within applications and application environments based on threat models.
• Able to simplify complex security topics for consumption and critical decision making.
• Able to lead/direct discussions with technical and business teams to achieve common goals.
• Able to work well within a team and support team goals
• Understand cyber security frameworks such as NIST 800-53
• Ability to work on a geographically distributed team across multiple time zones

Preferred Skills:

• Ability to clear background investigation - add correct wording
• Ability to be on site full time with flexibility.
• Located near to the San Francisco Bank or a branch bank in Los Angeles or Salt Lake City.
• Familiarity with SAFe a plus

SGA is a technology and resource solutions provider driven to stand out. We are a women-owned business. Our mission: to solve big IT problems with a more personal, boutique approach. Each year, we match consultants like you to more than 1,000 engagements. When we say let's work better together, we mean it. You'll join a diverse team built on these core values: customer service, employee development, and quality and integrity in everything we do. Be yourself, love what you do and find your passion at work. Please find us at .

SGA is an Equal Opportunity Employer and does not discriminate on the basis of Race, Color, Sex, Sexual Orientation, Gender Identity, Religion, National Origin, Disability, Veteran Status, Age, Marital Status, Pregnancy, Genetic Information, or Other Legally Protected Status. We are committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, and our services, programs, and activities. Please visit our company to request an accommodation or assistance regarding our policy.