• SAIC has a new opportunity for an Information Security Architect to work on an exciting, fast-paced program.
• This position will work hand-in-hand with the customer team and external teammates across the government and contractor enterprise to design, build and oversees the implementation and maintenance of network and computer security for several government networks.
He/she will work closely with the SETA Team and stakeholders to:
• Use software and AWS services to establish a security architecture/infrastructure that complies with applicable USG cyber security requirements, policies, regulations, guidance and best practices.
• Establish security services utilizing AWS services. Will be responsible for installing, configuring and managing a range of security services and software tools within the USG environment to support environment wide security monitoring, auditing, compliance and remediation cyber activities.
• Lead and guide the SETA Team through the USG A&A process and be responsible for the development of the required products to support the A&A process.
• Lead the SETA Team in the identification, installation, configuration and ongoing maintenance of software tools required to comply with USG cyber security requirements, policies, regulations, guidance and best practices.
• TS/SCI with Poly Required
• Bachelor’s Degree in Computer Science, Computer Engineering, Information Assurance, Software Engineering or other technical discipline and 14 or more years relevant technical experience
• Security architecture design and implementation as part of a broader enterprise architecture
• Deep knowledge of USG assessment and accreditation (A&A) process and procedures. Direct experience in guiding projects through the USG A&A process
• Subject matter expertise in multiple domains, including cloud security, web security, Iden/Authen/Authz protocols (SAML, JWT, Oauth, OpenID) and infrastructure security (Chef/Puppet)
• Applying security to cloud technologies in the USG domain (CI/CD deployment pipelines and tools, secure infrastructure as code, Docker Container security)
• Significant, hands on experience with AWS services (EC2, ELB, RDS, S3, IAM)
• Cloud architecture and security fundamentals including containers, software-defined networks, high availability design
• Master’s degree in Computer Science, Computer Engineering, Information Assurance, Software Engineering or other technical discipline and 12 or more years relevant experience.
• Created security reference architectures for multi-tenant architectures
• Significant experience performing security design reviews of distributed systems and APIs
• Served as a cloud security SME for high visibility cloud initiatives
• Significant experience with AWS services and how to secure them
• Designing and building security services in a CI/CD deployment pipeline
• Translated compliance and security requirements into requirements
• Worked with engineers to identify the tradeoffs of different alternatives and recommend a preferred alternative with justification
• Docker and Kubernetes
• Knowledge of compliance requirements for industry standard certifications (e.g., PCI DSS, SOC2, HIPAA, PII)