The Information Technology and Cloud Security Architect Lead will manage a Security Team and serve as the primary security point of contact for a Federal Civilian agency’s cloud platform. The IT & Cloud Security Architect will work with stakeholders to develop and implement strategy for advancing security operational compliance activities as part of a security framework aligned with the Agency’s vision.
The IT & Cloud Security Architect will assist, advise, architect and implement secure information system environments and cloud migration support services that comply with FISMA, FedRAMP and Agency-specific security objectives.
- Spearhead FISMA and FedRAMP security assessment, authorization and continuous monitoring, including development of RMF security and privacy artifacts (e.g., security plans, POA&Ms, assessments) for the support of cloud services
- Provide management and coordination of security delivery for ongoing base operations as well as any investment initiatives that require security SME
- Work closely with Application and Product Owners to plan and prioritize operational compliance activities such as ATO re-certifications, environment security posture and remediations, and security site reliability engineering (SRE).
- Identify improvements to regulatory security processes and tooling, and provide security architecture input for new initiatives and products, as part of the investment track
- Provide security and privacy recommendations regarding cloud migration
- Provide security hardening of hardware and software platforms IAW FISMA and NIST SP 800-53.
- Support secure connectivity infrastructure and interconnection solutions that meet DHS CISA Trusted Internet Connection (TIC) 3.0 requirements.
- Support encryption for data-at-rest and data-in-transit utilizing cryptographic modules that are FIPS 140-2 compliant
- Support automated scanning of vulnerabilities and security baseline compliance across cloud accounts including virtual machines, containers, web application and databases.
- Support broad range of security processes including vulnerability management, patch management, configuration management, security monitoring, antivirus and malware detection, security information and event management, security incident response, and FISMA reporting
- Provide Identity and Access Management (IAM) solutions including role and attribute based access control configurations, multi-factor authentication, federated identity and single sign-on
- Investigate security incidents, recommend corrective actions and mitigation
- Support supply chain risk management of hardware and software
This opportunity is contingent upon award.
Required Education & Experience:
- Minimum of a Bachelor’s degree; Master’s preferred; other work experience and certifications considered in lieu of degree requirements
- Ability to obtain a Public Trust
- 10+ years establishing, managing and maturing security and compliance programs in federal and private sector focused on delivering complex Security IT solutions, resolving business challenges through technical implementation
- 5+ years of experience with cloud platforms and services, including AWS, Azure, and GCP.
- 5+ years of experience with governance, risk assessment and compliance for FISMA, FedRAMP, and NIST SP 800 series including NIST SP 800-37 and NIST SP 800-53, system security plans, security and privacy controls, POA&M management, assessment and authorization (A&A), Authority To Operate (ATO) and continuous monitoring processes
- Experience with the protection of IaaS, PaaS, SaaS and hybrid multi-cloud environments with a broad set of security technologies and processes with application security, data security, network security, encryption, key management, identity and access management, cloud access service brokering, zero trust networking
- Experience with DHS CISA Continuous Diagnostics and Mitigation (CDM), and Trusted Internet Connection (TIC) 3.0 Reference Architecture
- Understanding of Agile and DevSecOps industry standard practices including security assessments of code through the Continuous Integration / Continuous Deployment (CI/CD) pipeline
- Understanding of containerization and serverless technologies
- Strong attention to detail and organizational skills.
- Excellent communication skills.
- Strong analytical and problem-solving skills.
- CISSP certification (desired)
- Relevant AWS Certified Solution Architect or Azure Solution Architect certification (desired)
Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.
SAIC® is a premier Fortune 500® technology integrator driving our nation's technology transformation. Our robust portfolio of offerings across the defense, space, civilian, and intelligence markets includes secure high-end solutions in engineering, digital, artificial intelligence, and mission solutions. Using our expertise and understanding of existing and emerging technologies, we integrate the best components from our own portfolio and our partner ecosystem to deliver innovative, effective, and efficient solutions that are critical to achieving our customers' missions.
We are approximately 26,000 strong; driven by mission, united by purpose, and inspired by opportunities. SAIC is an Equal Opportunity Employer, fostering a culture of diversity, equity, and inclusion, which is core to our values and important to attract and retain exceptional talent. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $7.4 billion. For more information, visit saic.com. For ongoing news, please visit our newsroom.