Cyber Security Solution Architect (SME) (Government)
- Columbia, MD
AT&T Global Public Sector is a trusted provider of secure, IP enabled, cloud-based, network solutions and professional services to the Federal Government. We are dedicated to recruiting, developing and empowering a diverse, high-performing workforce that is passionate about what they do, committed to our shared values and dedicated to our customers' mission.
The team operates and maintains the Cyber-Security for the Department of Homeland Security (DHS) to protect Federal Civilian Executive Branch (FCEB) Departments and Agencies from Cyber-Security threats.
AT&T has an opening for a Cyber-Security Solution Architect (SME) to support DHS, to provide FNPS Service Delivery. We are looking for individuals who excel in fast paced environments and seek out learning new technologies.
You will be responsible for s ecuring enterprise information by developing and supporting security technologies, services, and capabilities across the network.
Designing, developing, implementing, and reviewing information technology hardware, software, and networks that enhances security of internal information and assets using proven industry best practices to manage the entire development lifecycle; thoroughly documented solution including candidate configurations, reusable deployment SOPs/MOPs, requirements testing, operational hand-off, etc.
- Develops threat models and associated security architectures/requirements, and design appropriate mitigations.
- Secures Enterprise information by developing and supporting security technologies, services, and capabilities across the network plus design and develop migration strategies.
- Designs, develops, implements, and reviews IT hardware, software, and networks that enhances security of internal information and assets.
- Reviews solution data flows to ensure secure designs.
- Monitors security environment and identifies security gaps
- Identifies new and emerging threats and participates in documenting standards and policies to address these experiences.
- Communicates findings and recommendations to executives, peers, and partner teams in clear, concise, and accessible manner.
- Analyzes technology dependencies and develops alternatives for managing risk.
- Plans and implements Tech Refresh across the Enterprise.
Top Secret clearable to DHS TS/SCI (#topsecret)
- Experienced/familiar with operating system security models/mechanisms.
- Familiar with web security models, mechanisms, and technologies.
- Experienced in threat modeling and weaknesses analysis.
- Experienced conducting/directing penetration testing and security audits and related documentation.
- Ability to thrive in a self-directed, fast-paced environment, that is highly collaborative and multi-functional.
- Understands of the latest technologies, security issues, and protocols.
- Experienced in designing, developing, and building of cloud security architecture for large networks.
- Experienced with Azure or Google PaaS and IaaS.
- 6+ years in Information Security with strong technical knowledge of security principles, best practices, technologies and processes including software development, systems engineering, systems integration, and technology evaluation.
- Bachelor's degree or higher OR experience commensurate with a post-secondary degree.
- Knowledge of Information Security technologies such as authentication, authorization, cryptography, encryption, auditing, evidence preservation, risk management and applicable tools such as virus protection, perimeter controls, firewalls, intrusion detection and data leak prevention.
- Knowledge of Information Security Frameworks such as ISO 27001 and 27002, Information Technology governance frameworks such as ITIL and application development and System Development Life Cycle (SDLC) methodologies.
- Certifications desired (any of the following):
- AWS Certified Solutions Architect
- Google Certified Professional Architect
- Microsoft Azure Solutions Architect
- MS in a related field a plus or equivalent experience
- 10+ years' experience
- Prior DHS Experience
- Experience contributing to open source projects, especially in the area of security vulnerabilities
- Governance of Enterprise IT (CGEIT)
- Global Information Assurance Certification (GIAC) Security Expert
- Certified Information Systems Security Professional (CISSP)
- Certified in Risk and Information Systems Control (CRISC)
- Certified Information Security Manager (CISM)
AT&T is an Affirmative Action/Equal Opportunity Employer and we are committed to hiring a diverse and talented workforce. EOE/AA/M/F/D/V
Back to top