IT Security Architecture Technical Lead - AWS

Job Family :
IT Cyber Security

Travel Required :
Up to 10%

Clearance Required :
None

What You Will Do :

Our Security Architecture Technical Lead - Amazon Web Services (AWS) is a technical leader focused on IT Security solutions research, design, implementation, testing, and documentation within the AWS environment. They will work hand in hand with the IT Security Architecture team, the IT Architecture team, and Solution Engineering & Architecture (SE&A) team on all solutions but are focused on the IT Security equities within the AWS environment. Effectively leads and manages complex IT Security Architecture projects that may span company-wide initiatives within scope, timeline, and budget. Applies technical knowledge to innovation and performance improvement while demonstrating critical thinking and sound logic when assessing problems and opportunities in generating solutions. Contributes to ensuring the current and future over the horizon capabilities of Guidehouse security systems, maintaining, and protecting Guidehouse and Client data within AWS to the NIST SP 800-171, NIST SP 800-53, ISO 27001, ISO 20000, HIPAA, and HITRUST standards. Contributes to keeping Guidehouse abreast of all the best of breed capabilities within AWS that continue to make Guidehouse a technology pathfinder within the industry. Reports directly to the Chief Information Security Architect.

Job Function:

• Assists in the organization, development and implementation of IT Security Architecture initiatives that support overall IT Security goals and objectives that may span company-wide initiatives
• Demonstrates clear and effective written and verbal communication skills; delivered in a professional, respectful, and timely manner
• Produces "client-ready" deliverables and help manage the quality of IT Security Architecture's work products based on established or establishing KPIs and applicable professional standards and best practices, including appropriate methodologies, tools, and resources
• Structures work product that clearly conveys complex issues; synthesizing various inputs to articulate a clear point of view, as needed
• Identifies critical issues to be communicated and inform all appropriate stakeholders; adapting messages and approach based on the audience
• Designs and implements security frameworks for applications hosted on AWS, ensuring they comply with regulatory requirements and industry standards
• Documents and maintains the AWS security architecture framework
• Assists in conducting risk assessments and security audits to identify vulnerabilities and recommending mitigations to enhance security posture
• Collaborates with IT and development teams to integrate security practices into the DevOps pipeline, promoting a culture of security awareness
• Configures and assists with management of AWS security services such as Identity and Access Management (IAM), Amazon Cognito, AWS Key Management Service (KMS), and AWS Shield to safeguard against unauthorized access and threats
• Configures and assists with management of AWS specialized data classifications and data protection mechanisms
• Designs and configures monitoring and alerts using AWS Security Hub in accordance with Guidehouse Policies, Standards, and Procedures
• Assists with the development of incident response strategies and efforts to address security incidents and breaches, minimizing impact on business operations
• Demonstrates active listening skills that contribute to deeper understanding of the team and client
• Engages in complex technical discussions, ask open-ended questions where appropriate, suggest specific actions, and identify next steps
• Demonstrates honest and professional behavior in all interactions
• Helps keep the technical services provided to clients in compliance with regulations, laws, policies and procedures
• Anticipates and proposes solutions for areas of potential risk; resolving and/or escalating issues when appropriate
• Learns to assume and embrace an appropriate level of risk
• Contributes to risk mitigation and contingency planning in alignment with IT Security leadership guidance
• Uses creativity, analytical thinking, and good judgment to develop new technical solutions that solve complex problems
• Identifies and incorporates improvements to systems or processes to enhance performance of IT Security programs/projects
• Adapts to situational demands and model and encourage flexibility and willingness to take on diverse tasks across different areas/functions, working effectively in unstructured or unclear circumstances
• Promotes the development of new technical knowledge and skills within IT Security Architecture team
• Aligns work to support the execution of the strategy
• Stays current on best practices and methodologies relevant to work
• Facilitates discussions with stakeholders to ensure alignment on concepts and approaches, anticipating issues
• Leads by example, presenting themselves and the company in a manner that always promotes a positive lasting impression of high quality, promptness, and professional service
• Understands and properly manages client expectations in line with engagement scope; regularly communicate project status
• Seeks out impactful ways to deliver a positive client/stakeholder experience and add value, acting with the best interest of the client and the firm in mind
• Demonstrates subject matter expertise of AWS technologies and services, as well as knowledge of best practices in cloud security
• Ability to participate in cross- functional discussions on projects and processes
• Achieves operational targets with major impact on results
• Facilitates discussions with external clients or stakeholders to ensure alignment on concepts and approaches
• Demonstrates strong knowledge of project management
• Influences others inside and outside of IT Security to justify practices, policies, and procedures
• Introduces and applies fresh ideas and creative solutions to stimulate discussion and thinking in both internal and external situations
• Regularly employs ingenuity and creativity to develop new technical solutions to solve difficult and moderately complex problems
• Relies on extensive experience to independently develop approaches to solutions within IT Security Architecture
• Leads others to solve complex problems; uses sophisticated analytical thought to exercise judgement and identify innovative solutions
• Responsible for making moderate to significant improvements of systems or products to enhance performance of programs/projects
• Identifies and incorporates moderate improvements to systems or processes to enhance project performances within IT Security Architecture
• Contributes to or manages large projects or processes with limited guidance or oversight, delegates work to lower-level employees and reviews others' work products
• Responsible for providing guidance, coaching, and training to other employees across the Company within technical area of expertise. Typically, responsible for leading large, complex project initiatives of strategic importance to the organization, involving large cross-functional teams (without direct reporting relationships)

What You Will Need :

• Bachelor's Degree, plus 4 years of professional experience OR (8 years of professional experience can be substituted for degree)
• Clearance: Ability to obtain a National Security Clearance or a U.S. Federal Government Public Trust
• Must be able to work East Coast US business hours

• Experience working with executives
• Shall possess following certifications:
  • AWS Certified Cloud Practitioner Foundational
  • AWS Certified Security Specialty
• Extensive experience with AWS environments, network security, and information security principles
• Experience configuring and managing AWS security services such as Identity and Access Management (IAM), Amazon Cognito, AWS Key Management Service (KMS), and AWS Shield to safeguard against unauthorized access and threats
• Extensive experience with AWS Security Hub
• Experience with AWS Control Tower
• Experience architecting IT General Controls
• Working knowledge of NIST SP 800-171 and NIST SP 800-53
• Experience managing multi-geographic cloud resources while implementing controls compliant with NIST SP 800-171, NIST SP 800-53, ISO 27001, ISO 20000, HIPAA, HITRUST, or GDRP
• Experience documenting processes and procedures to comply with required NIST SP 800-171, NIST SP 800-53, ISO 27001, ISO 20000, HIPAA, HITRUST, or GDRP
• Significant demonstrated experience working with cloud first solutions that are implemented globally
• Experience SIEM architectural design, such as Splunk or AWS Security Hub to support incident response and proactive threat hunting
• Working knowledge of ZeroTrust environments, implementation strategies, and best business practices within AWS
• Experience architecting data loss protection (DLP) and sensitive information management within AWS
• Experience architecting external entity federations and external authentication strategies within AWS
• Ability to work on many concurrent, and changing priorities
• Action-oriented and able to manage and meet aggressive timelines and deadlines
• Strong analytical skills, attention to detail, and effective communication abilities are essential
• Must have excellent organizational and time management skills

What Would Be Nice To Have :

• Computer-related Degree OR cyber field related or Master's with 2-4 years of experience
• Experience working with US Federal Law Enforcement and/or Intelligence Communities
• Shall possess one OR more of the following certifications OR equivalent:
  • AWS Certified Solutions Architect Associate
  • AWS Certified Solutions Architect Professional
  • AWS Certified DevOps Engineer Professional
  • AWS SysOps Administrator Associate
  • AWS Certified Data Engineer
  • AWS Machine Learning Specialty
  • (ISC)2 Certified Information Security Professional (CISSP) - Information Systems Security Architecture Professional (ISSAP)
  • CREST Registered Technical Security Architecture (CRTSA)
  • EC-Council Certified Network Defense Architect (CNDA)
  • GIAC Defensible Security Architecture (GDSA)
• Demonstrated ability to learn and document new technologies/solutions
• Experience with ServiceNow is a plus
• Experience working in an ITIL environment

The annual salary range for this position is $99,500.00-$149,300.00. Compensation decisions depend on a wide range of factors, including but not limited to skill sets, experience and training, security clearances, licensure and certifications, and other business and organizational needs.

What We Offer :

Guidehouse offers a comprehensive, total rewards package that includes competitive compensation and a flexible benefits package that reflects our commitment to creating a diverse and supportive workplace.

Benefits include:

• Medical, Rx, Dental & Vision Insurance
• Personal and Family Sick Time & Company Paid Holidays
• Position may be eligible for a discretionary variable incentive bonus
• Parental Leave and Adoption Assistance
• 401(k) Retirement Plan
• Basic Life & Supplemental Life
• Health Savings Account, Dental/Vision & Dependent Care Flexible Spending Accounts
• Short-Term & Long-Term Disability
• Student Loan PayDown
• Tuition Reimbursement, Personal Development & Learning Opportunities
• Skills Development & Certifications
• Employee Referral Program
• Corporate Sponsored Events & Community Outreach
• Emergency Back-Up Childcare Program
• Mobility Stipend

About Guidehouse
Guidehouse is an Equal Employment Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, national origin, ancestry, citizenship status, military status, protected veteran status, religion, creed, physical or mental disability, medical condition, marital status, sex, sexual orientation, gender, gender identity or expression, age, genetic information, or any other basis protected by law, ordinance, or regulation.

Guidehouse will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of applicable law or ordinance including the Fair Chance Ordinance of Los Angeles and San Francisco.

If you have visited our website for information about employment opportunities, or to apply for a position, and you require an accommodation, please contact Guidehouse Recruiting at 1- or via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodation.

Guidehouse does not accept unsolicited resumes through or from search firms or staffing agencies. All unsolicited resumes will be considered the property of Guidehouse and Guidehouse will not be obligated to pay a placement fee.