IT Security Architect 4

The Client is seeking a Senior Security Architect to serve the VDOT leadership in the domains of Application, Data and Technology Security through the development of architecture patterns, briefs, reports, and targeted security risk analyses.

Responsibilities:

Design/Institutionalize Enterprise Security/technology Patterns

Assist teams on initiatives, providing tactical and architectural considerations on legacy solutions

Evaluate new implementations while navigating a complex organizational environment with diverse stakeholders to accurately present the scenario, and present sound analyses and recommendations with steps for approval and implementation

Manage a body of work independently, leveraging available process documentation, templates, systems and resources.

Assist in issue resolution, communicating concerns effectively to the right personnel, operationalizing Security Architecture practices and extending the scope of ITD Governance and Security Architecture.

Create and socialize clear, impactful and polished architecture artifacts, such as:

Standards and guidelines

Management Briefs

Security Training

Updated processes

Knowledge Base articles

PowerPoints

Visio Process Diagrams

PowerBI Dashboards

Excel Reports

Collaborate with Business areas and cross- functional Enterprise Architects to fully understand business needs and provide strategic consultation on data security and risk-averse implementation.

Perform tasks related to Security Compliance and Control Evaluation, Risk analysis, and exception documentation.

Support Vulnerability Management by ensuring VM data quality and ingestion for remediation team execution.

Integrate Security into Architecture Roadmaps by developing artifacts and ensuring other architects' roadmaps contain integral security measures and best practices.

Research and share findings of architecture governance, controls, and peer review processes and projects with regards to platform technology, security, and cloud.

Document process diagrams and script narratives/executive summaries.

Create Business focused documentation for diverse technical audiences.

Research and provide written guidance on alignment with security policies/standards.

Partner with architects, other technical team members and to develop roadmaps and strategies to support agency KPIs

Qualifications:

State/Industry experience in information security and IT risk management with a focus on security, performance, and reliability.

Federal/State compliance and standards alignment experience reviewing proposed changes for programs and projects.

Policy Development experience, utilizing, and presentation of information security architecture policies, standards and procedures

Monitoring information security compliance experience with information security architecture policies and standards.

Information security framework experience like NIST 800 Series, CSF and COBIT.

Substantial technical expertise in at least two areas:

Cloud technologies

Identity and access management (IAM)

Vulnerability Management

Firewalls

Computer Forensic Techniques

Databases

Collaboration Tools

Web and Mail Services

Security direction and design inputs experience with information security capabilities, and strategic technology alternatives.

Communication and collaboration experience with excellent written and oral communication and presentation skills, and the ability to simplify technical terms and collaborate with diverse personnel.

Demonstrated experience working with a broad cross-section of personal including all levels of management and external entities such as VITA consultants and service providers to explain and security measures and collaborate and disseminate security related information in partnership with the Office of Information Security

Fast-Paced environment experience with experience acquiring new skills/knowledge to meet customer needs.

Customer perspective experience understanding IT customers' priorities and the business criticality of platforms, applications and services.

Skill

Required / Desired

Amount

ofperience

Knowledge and application of security best practices

Required

7

Years

Demonstrated experience creating executive-facing security recommendations

Required

7

Years

Knowledge of IT Governance and Compliance

Required

3

Years

Experience in business writing and presenting

Required

3

Years

Educational or Career Experience in Cybersecurity, Government technology implementation, IT Governance or related field(s).

Required

4

Years

Demonstrate experience in Risk-Based analysis

Required

7

Years

Experience in Process Modeling (Visio)

Required

3

Years

PowerBI Experience in Data Visualization and Reports

Desired

3

Years

SharePoint Organizing, sharing and retrieving resources

Desired

3

Years

IT Security Architect

Permanent