Cybersecurity Architect/SME

Job Description

Job DescriptionSalary:

ABOUT THE ORGANIZATION

WE HELP OUR CLIENTS DO BUSINESS BETTER!

T. White Parker is a results-focused IT and management solutions firm that helps public and private sector clients operate smarter, faster, and more securely. From driving strategic transformation and digital modernization to delivering data-driven insights, AI-powered operations, and Zero Trust cybersecurity, our professionals are problem solvers, critical thinkers, and masters at execution. T. White Parker brings the skills and solutions that move organizations forward.

We offer competitive benefits including unlimited PTO!

DESCRIPTION

T. White Parker is seeking an experienced and highly skilled Cybersecurity Architect/Subject Matter Expert to assist our client in building, operating, and improving an effective cybersecurity program. This role will serve as a technical lead guiding our clients and cybersecurity teams in ensuring the security and integrity of our federal clients' data and information systems. This position involves all aspects of building, operating, and improving a federal cybersecurity program.

The ideal candidate will have extensive experience in helping clients design, implement, operate, and improve cybersecurity programs. This candidate must have advanced knowledge in Cybersecurity and Zero Trust (ZT) principles and leadership experience in leveraging industry and federal cybersecurity best practices and frameworks, complying with federal cybersecurity policies, and implementing ZT among other related cybersecurity functions.

The ideal candidate will be able to earn the trust of clients by exhibiting a strong command of cybersecurity, ZT principles, and cybersecurity and technology operations. The ideal candidate must have exemplary oral and written communication skills and be adaptable to change, a self-starter, and executive-facing.

Primary job duties and responsibilities include, but are not limited to the following:

• Gaining a complete understanding of all aspects of the clients organization, infrastructure, and technology stack to inform the design, implementation, and operation of an effective cybersecurity architecture and program.
• Researching, designing, and building robust and federally-compliant cybersecurity architectures that protect federal information systems from emerging threats.
• Providing expert guidance on cybersecurity best practices, controls, policies, and emerging technologies.
• Leading the development and integration of ZT solutions to protect federal agencies critical infrastructure, including identity, network, data, and application security.
• Leading the development and implementation of federally-compliant cybersecurity strategies, solutions, policies, procedures, controls, and standards
• Providing guidance on how to architect/design, leverage, and operate, various operational platforms, including Identity Credential Access Management (ICAM), Security Information and Event Management (SIEM), Security Orchestration Automation & Response (SOAR), and Privileged Access Management solutions.
• Performing security assessments, vulnerability analyses, and risk management activities to identify and mitigate potential threats.
• Determining, implementing, and maintaining strong authentication and authorization mechanisms, such as multi-factor authentication (MFA) and role-based access control (RBAC).
• Developing of ZT mitigation strategies.
• Monitoring and responding to security events and incidents, conducting thorough investigations, and implementing corrective actions.
• Overseeing the deployment and management of security tools and technologies such firewalls, intrusion detection/prevention systems (IDS/IPS), and security information and event management (SIEM) systems, including Splunk and CrowdStrike.
• Designing and deploying strategies to isolate systems and limit unauthorized lateral movement within the network.
• Implementing tools and processes for continuous security monitoring, analytics, and threat detection.
• Designing and enforcing ZT principles within cloud environments.
• Collaborating with cross-functional teams to ensure cybersecurity measures are integrated into all aspects of IT operations and to ensure ZT principles are embedded into all systems.
• Collaborating with IT and development teams to integrate security measures into all stages of the system development lifecycle.
• Preparing and presenting reports on the status of cybersecurity initiatives and risk management to senior management.
• Staying current with the latest cybersecurity trends, threats, and technologies, and recommending appropriate measures to mitigate risks.
• Developing security awareness programs that educate staff about cybersecurity (including ZT) policies and best practices.
• Ensuring compliance with federal cybersecurity frameworks, policies, requirements, regulations, and compliance frameworks (e.g., FISMA, NIST, 800-207, Executive Orders, ISO 27001, CISA, FedRAMP, etc.).

MINIMUM POSITION REQUIREMENTS

• U.S. Citizens in the Metropolitan DC, Maryland, & Virginia Area Only
• Masters degree in Cybersecurity, Information Technology, Computer Science, Engineering, or a related field, PLUS 10+ years of relevant professional experience in cybersecurity or a related IT field OR a Bachelors degree in Cybersecurity, Information Technology, Computer Science, Engineering, or a related field, PLUS 15 years of relevant professional experience in cybersecurity or a related IT field
• One (1) or more cybersecurity-related certifications (e.g., Certified Information Systems Security Professional [CISSP], Certified Ethical Hacker [CEH], Certified in Risk and Information Systems Control [CRISC], Certified Cloud Security Professional [CCSP]), CISM Certified Information Security Manager, and/or Security+)

• Minimum of 5 years of experience and advanced-level expertise in conducting IT security audits and risk assessments, leveraging related frameworks, and complying with industry and federal cybersecurity frameworks, policies, requirements, regulations, standards, and/or compliance frameworks (e.g., FISMA, NIST 800 series, ISO 27000 series, CISA requirements, IT General Controls, FedRAMP, etc.)
• Regarded as a senior Cybersecurity professional or Subject Matter Expert within the last year
• Expert-level knowledge and experience in applying cloud security practices and technologies
• Extensive knowledge and experience using security tools and technologies such as SIEM, IDS/IPS, firewalls, and endpoint protection
• Advanced knowledge and recent experience using Splunk
• Advanced knowledge and recent experience using Crowdstrike
• Extensive experience in conducting security audits and assessments
• Strong command of CISA's Zero Trust Maturity Model and other related U.S. federal ZT guidance and requirements
• Advanced network/enterprise security architecture skills to address ZT Architecture and implementation
• Familiarity with ZT solutions and capabilities
• Intermediate level understanding of network security, cloud security, and endpoint security
• Ability to effectively communicate complex cybersecurity concepts to non-technical stakeholders and senior leadership
• Excellent analytical and problem-solving skills
• Excellent communication and interpersonal skills
• Ability to effectively collaborate in both a virtual and in-person environment
• Self-starter, proactive, quality-focused, and team player
• Ability to obtain and maintain a Public Trust Security Clearance

DESIRED (but not required) QUALIFICATIONS

• Experience helping federal agencies implement ZT
• Additional Cybersecurity-related certifications
• Splunk Enterprise Security Certified Administrator certification or other related Splunk certification

• Experience working in the federal sector
• Experience with advanced persistent threat (APT) detection and threat intelligence

EOE STATEMENT

We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, sexual-orientation, or any other characteristic protected by law.