IT Security Architecture and Engineering

This position is responsible for assisting in the development, implementation, and support of security architectures and solutions—including security frameworks and roadmaps—for the corporate business and Operational units across the Client's agencies. The role focuses on securing enterprise information by determining security requirements; planning, implementing, and testing security systems; and working effectively in a team environment.

• Experience developing and documenting security architecture and plans (strategic, tactical, and project-level).
• Familiarity with common information security management frameworks.
• Strong technical knowledge of mainstream operating systems and a broad range of security technologies, including network security appliances, identity and access management systems, anti-malware solutions, policy compliance tools, and desktop security tools.
• Ability to develop, document, and maintain security policies, processes, procedures, and standards.
• Understanding of network infrastructure (routers, switches, firewalls) and related network protocols and concepts.
• Strong analytical skills to assess security requirements and map them to appropriate security controls.

• Determine security requirements by evaluating business strategies and needs; researching security standards; conducting system security and vulnerability analyses; reviewing architecture/platform; identifying integration issues; and preparing cost estimates.
• Plan security systems by evaluating network and security technologies; developing requirements for LANs, WANs, VPNs, routers, firewalls, and related security/network devices; designing PKI infrastructure, including certification authorities and digital signatures; and adhering to industry standards.
• Implement security systems by specifying intrusion detection methodologies and equipment; overseeing equipment/software installation and calibration; preparing preventive and reactive measures; managing key creation, transmission, and maintenance; providing technical support; and maintaining documentation.
• Upgrade security systems by monitoring the security environment and evaluating/implementing enhancements.
• Prepare system security reports by collecting, analyzing, and summarizing data and trends.
• Stay current with emerging security practices and standards through ongoing education, professional publications, and involvement in industry organizations.