Security Architect
Job Description
OVERVIEW :
You would be responsible for helping to create, evolve, document, and implement security development and deployment practices for a product that’s delivered both on-premises as well as to the cloud.
This work would include evaluating and disseminating information and recommendations from resources such as NIST, OWASP, MITRE, and other sources of security information and best practices.
This work would also include with the assistance of the rest of the development team implementing these security controls and practices as part of the software development process, supplying guidance and requirements for deploying our product on-premises, and creating a secure environment for our upcoming cloud offering.
Our product is a .NET Core application (with some TypeScript and Python components) backed primarily by PostgreSQL, that serves both a web frontend and REST API.
The application source is hosted in GitLab, and we use merge requests and GitLab CI to manage our code contribution workflows.
Required Skills
REQUIRED QUALIFICATIONS :
- Experience maintaining a secure software supply chain (monitoring for CVEs, creating SBOMs, etc.)
- Experience evaluating security best practices and applying them to processes and assets
- Experience reviewing code and architecture to identify potential security issues
- Experience writing internal documentation around security evaluations and decisions
- Experience with security monitoring infrastructure (log analysis, web application firewalls)
- 8+ years of experience
- Familiarity with writing infrastructural code in support of security goals (abstractions, constraints, etc.)
- Familiarity with working with developers to help them learn and self-apply secure development principals
- Familiarity with government / industry security auditing processes
- Specific familiarity with web security concepts and best practices (TLS / HTTPS, common web vulnerabilities, federated authentication, etc.)
CLEARANCE :
US Citizenship minimum
Desired Skills
DESIRED QUALIFICATIONS :
- Specific familiarity with government programs pertaining to secure application development (STIGs, APL, NIAP)
- Specific experience with the Microsoft web application development stack (C#, .NET, ASP.NET)
- Specific experience with AWS security tooling
- Experience with static application security analysis tools
About Procession Systems
About us
Expert Systems Architect - Sensor Integration - Security Clearance Required
Enterprise Architecture, Solution Architecture, Data Architecture, Department of Defense Architecture Framework (DoDAF), or Intelligence Community's (IC) Program Architecture Guidance (PAG). Creating new architecture designs and integrating new architectural features into existing infrastructures wh...
Systems Architect (MBSE / Systems Modeler) (Focus: GEOINT Ground System) - Security Clearance Required
The successful candidate will assist the customer in defining enterprise systems architecture strategy, providing leadership, oversight, and technical guidance, and performing cross-discipline activities required to support enterprise architecture modeling, decision-making, and assessment of alterna...
Senior Data Architect - Security Clearance Required
ECS plays an integral role in providing Data Architecture support for the Army Global Force Information Management (GFIM) Program. The Data Architect will be responsible for the modeling of data assets for in support of the GFIM Modernization effort. Development of the conceptual and logical data mo...
Enterprise Architect Chief - Security Clearance Required
SAIC seeks an experienced, results-oriented, mission-driven Chief Data Architect to design and implement enterprise-wide data architecture and the development of the data management platform in support of national security objectives. Chief Data Architect will drive the creation and implementation o...
Cloud Security Architect in United States
Key Responsibilities:Creating, constructing, and sustaining cost-effective, scalable hybrid-cloud systems using AWS and VMware technologyDesigning and implementing cloud security strategies and policiesConducting security assessments, audits, and collaborating with IT professionals for integrationRe...
Business Development Intelligence Community Software Transformation Solutions Architect - Security Clearance Required
Are you a strategic visionary in the realm of technology, eager to lead the charge in crafting cutting-edge solutions that exceed expectations? SAIC is in search of an Intelligence Community Software Transformation Solutions Architect to join our esteemed Enterprise Solution Architect team. Extensiv...
Lead Azure Security Architect
Azure Security Engineer Certification, Microsoft Cyber Security Architect Certification, Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP). Security Controls Implementation: Implement and configure security controls and tools within Azure, such...
IT Security Architect in Richmond, VA Hybrid
As a senior member of the IT team, a Security Architect will also help cultivate a culture of security awareness, continuing education of personnel, and to ensure security policies are adhered to at all times. The Security Architect will help the team plan, research, and design security architecture...
IT Security Architect 4
Ensure that the security requirements necessary to protect the organization's missions and business processes are adequately addressed in all aspects of the architecture including reference models, segment and solution architectures, and the resulting systems supporting those missions and business p...
IT Security Architect 4
Evaluate security architectures and designs to determine the adequacy of security design and architecture proposed or provided in response to requirements contained in acquisition document. Ability to apply the methods, standards, and approaches for describing, analyzing, and documenting an organiza...