Position Security Architect
Duration 6 Months
Location Columbia, SC
DAILY DUTIES / RESPONSIBILITIES:
Information Security architecting, engineering and operations. This is full information security to include, systems, network, procedural and operational.
Work with existing staff to architect and deploy advanced information security systems in a highly complex distributed enterprise environment.
Develop installation, configuration, and operational process/procedure documentation to enable Division of Technology and Agencies to install and operate approved security solution.
Work with Security Operations Center to identify enhanced data collection and correlation capabilities in existing data and gaps in data collection/analysis architecture, systems and procedures.
Identify and develop solutions for preventing, detecting and mitigating risks to information and information systems.
Conduct training as necessary to division and agency personnel on security processes, procedures and methodologies to ensure security event information is properly identified, correlated, documented and mitigated in accordance with department standards.
Operate and administer security services as part of a team.
Perform other duties as assigned.
REQUIRED EDUCATION/CERTIFICATIONS:
Bachelor’s degree or 8 to 10 years’ experience.
PREFERRED EDUCATION/CERTIFICATIONS:
CISSP, SSCP, GSEC, GCED, CISM, CEH, MCSE, CCSP
SKILLS SHEET:
information security principles and practices
IT Security
Security Information Architecture
Application Security
risk/vulnerability assessments
Role Based Access Control (RBAC)
Security Information Event Management (SIEM) systems development / configuration
Tenable Security Center Administration
Experience with UNIX, Windows, Linux, MacOS, Cisco, Juniper, web apps, databases, strong authentication, operating systems and network security protocols and procedures.
Information Security
data discovery and data loss prevention (DLP)
Identity Access Management (IAM)
ADDITIONAL SKILLS:
REQUIRED SKILLS (RANK IN ORDER OF IMPORTANCE):
Cyber Awareness and understanding
Expert understanding of information, computer and network security, operation, engineering, and architecture.
Experience with UNIX, Windows, Linux, MacOS, Cisco, Juniper, web apps, databases, strong authentication, operating systems and network security protocols and procedures.
Expert understanding of access control logging and reporting systems.
PREFERRED SKILLS (RANK IN ORDER OF IMPORTANCE):
Identity Access Management (IAM)
Role Based Access Controls (RBAC)
Privileged Access Management (PAM)
Data Loss Prevention (DLP)
Enterprise Security Information Event Management (SIEM) systems (i.e. QRadar, ArcSight, Splunk)
Vulnerability Assessment (VA)
Applications Security (AppSec)
Cloud Security and Access Brokers
User metadata and Information Security event collection, logging and correlation
McAfee e-Policy Orchestrator (ePO) / DoD HBSS
Tenable Security Center / Nessus
IBM AppScan