• Develops threat models and associated security architectures/requirements, and design appropriate mitigations.
• Secures Enterprise information by developing and supporting security technologies, services, and capabilities across the network plus design and develop migration strategies.
• Designs, develops, implements, and reviews IT hardware, software, and networks that enhances security of internal information and assets.
• Reviews solution data flows to ensure secure designs.
• Monitors security environment and identifies security gaps
• Identifies new and emerging threats and participates in documenting standards and policies to address these experiences.
• Communicates findings and recommendations to executives, peers, and partner teams in clear, concise, and accessible manner.
• Analyzes technology dependencies and develops alternatives for managing risk.
• Plans and implements Tech Refresh across the Enterprise.

Required Clearance:

Top Secret clearable to DHS TS/SCI (#topsecret)

Required Qualifications:

• Experienced/familiar with operating system security models/mechanisms.
• Familiar with web security models, mechanisms, and technologies.
• Experienced in threat modeling and weaknesses analysis.
• Experienced conducting/directing penetration testing and security audits and related documentation.
• Ability to thrive in a self-directed, fast-paced environment, that is highly collaborative and multi-functional.
• Understands of the latest technologies, security issues, and protocols.
• Experienced in designing, developing, and building of cloud security architecture for large networks.
• Experienced with Azure or Google PaaS and IaaS.
• 6+ years in Information Security with strong technical knowledge of security principles, best practices, technologies and processes including software development, systems engineering, systems integration, and technology evaluation.
• Bachelor's degree or higher OR experience commensurate with a post-secondary degree.
• Knowledge of Information Security technologies such as authentication, authorization, cryptography, encryption, auditing, evidence preservation, risk management and applicable tools such as virus protection, perimeter controls, firewalls, intrusion detection and data leak prevention.
• Knowledge of Information Security Frameworks such as ISO 27001 and 27002, Information Technology governance frameworks such as ITIL and application development and System Development Life Cycle (SDLC) methodologies.
• Certifications desired (any of the following):
• AWS Certified Solutions Architect
• Google Certified Professional Architect
• Microsoft Azure Solutions Architect

• MS in a related field a plus or equivalent experience
• 10+ years’ experience
• Prior DHS Experience
• Experience contributing to open source projects, especially in the area of security vulnerabilities
• Governance of Enterprise IT (CGEIT)
• Global Information Assurance Certification (GIAC) Security Expert
• Certified Information Systems Security Professional (CISSP)
• Certified in Risk and Information Systems Control (CRISC)
• Certified Information Security Manager (CISM)