Location: Washington, DC
Positions available: 1
Duration: 5+ years
Start date: Now
Work Status: US Citizens only
Salary: Please let us know your salary requirement
Clearance: Top Secret clearance
Title: Application Security Architect (If you have an Active Secret we can process for a Interim TS)
Application Security Architect
The role will entail working with various information security groups to review current application security architecture and provide recommendations to System Owners for improving system security. The security architect will work as part of a security team to provide security guidance with goals of maturing IPMS system security policy and technology frameworks, improving overall security posture and cultivating a office-wide culture of security*awareness. The role requires the Security Architect to assess security threats, identifying and tailoring requirements, and integrating security controls. The ideal security architect is motivated, results oriented and committed to providing outstanding customer service.
* Serve as expert across security functional areas, which includes credential management, access provisioning, authentication and authorization, application security,
infrastructure security, data security, security monitoring, and operation security across the organization. Partner with multiple projects and initiatives to apply security architecture
requirements, develop solutions, integrate security into solution designs, access risks of security gaps, and develop architecture remediation.
* Serve as lead or technical expert to define and maintain the architectural frameworks/patterns, processes, standards and guidelines related to systems, business or data
* Conduct studies of new technologies to provide more efficient and cost effective solutions.
* Develop methodology/framework for providing consistent and repeatable security architecture guidance to new projects by working alongside various IT teams and business
customers and groups.
* Develop presentations for Division Chiefs that explain complex security topics in a very simple business oriented language along with their business benefits.
* Position cyber security as the lifeline for all information security functions and develops inputs/outputs and processes for integrating with various groups like security strategy,
security consulting, risk assessment, security detection and incidence response.
* Provide security architecture guidance that is built on principles of balancing security advice with business and IT needs.
* Research and recommend tools to help manage security analysis, process, and incident management.
* Manage security incidents that cross multiple teams in the organization.
* Serve as an information security advisor to key IT and business stakeholders, establishing trust relationships through active engagement and collaboration.
* Determine security requirements by evaluating business strategies and requirements; research information security standards; conduct system security and vulnerability
* Partner with Operations and Architecture team and stay abreast of business and industry technologies and trends.
* Perform gap analysis across the organization to identify unnecessary complexity in existing processes and procedures; work with service and application owners on mitigation
* Solid knowledge and understanding of securing Microsoft Windows and Unix/Linux OS based applications/systems
* Security Architecture development
* Information analysis and insight generation
* Information security management
* Have strong analytical skills and deep security subject matter expertise across platforms
* Exercise critical thinking in identifying external trends in information security threats and correlating to internal activity
* Ability to work with minimal supervision
* Excellent communication skills and ability to work across segments and levels to ensure fast and appropriate action is taken when a breach is identified
* Possess deep cyber security expertise to be credible to organization when making recommendations and driving change
* Solid knowledge and understanding of securing all ERP (preferably PeopleSoft) and Oracle/SQL Server databases
Preferred: (please list tools and software)
* ERP Security Administration (Preferred PeopleSoft)
* Microsoft Windows Server based application security ( Active Directory, IIS, .Net, File Shares)
* Oracle Database Security
* Microsoft SQL Server database Security
* Minimum of 7 years in several security functional areas including ERP applications, Databases and Operating systems
* Minimum 5 years as security administrator for ERP Applications/Databases/ Operating systems
Certification: (please list any required certifications)
* At least one relevant industry certifications (MCSE, CISSP, CISA, CISM etc..); Security+, CISSP-ISSAP certification is a plus
* PeopleSoft Security Administration
* Oracle Database Security Administration
* SQL Server Database Security Administration
* MCSE or MSCA certificate related training
Sr. Program Hiring Manager
Knowledge Management, Inc.
353 Middlesex Road
Tyngsboro, MA 01879
Office: 978-649-0123 ext. 200
*An SBA 8(a) STARS II Contract Holder & an SDB & MBE Certified Company
353 Middlesex Road Tyngsboro, MA, 01879Contact