Sr. Security Systems Architect

Westwood, MA
Feb 17, 2017
Jun 14, 2017
Full Time
Responsible for developing; recommending; implementing; and communicating information technology (IT) system security strategies; measures; policies; practices and standards to ensure that Company information assets are secure from all forms of cyber attacks (internally and externally) that can potentially lead to any disruption of business; loss of information; or misuse of any Company property or electronic information. Oversee the performance of vulnerability risk assessments and remediations; analyze and review firewall configurations; manage security compliance; and utilize security detection and audit tools. Develop and deliver communications to senior management regarding strategic security risks and threats. Develop and provide security training; review and recommend security technologies and techniques; and support security related projects. Provide oversight and guidance to less experienced team members.



1) Ensure a secure environment by leveraging information security tools for prevention; detection; and recovery. Review; recommend; implement; and maintain all security technology products within the security domain. Lead process to identify and implement information security tools. Provide inventory management of all tools and methods that are utilized.

2) Develop; recommend; implement; and communicate Information Security strategies to ensure Company assets are secure from all forms of cyber attacks (internally and externally) that can potentially lead to any disruption of business; loss of information; or misuse of any Company property or electronic information.

3) Manage; administrate; integrate and implement security applications--VA; DLP; SIEM; Logging Aggregation; Virus/Malware; Web Filtering; IDS/IPS across an enterprise.

4) Design; implement; and maintain IT security measures in accordance with customer's security policies and procedures to ensure customer assets are secure from all forms of cyber attacks (internally and externally) that can potentially lead to any disruption of business; loss of information; or misuse of company property or electronic information.

5) Develop; lead; and administer security risk assessments and threat modeling. Identify system vulnerabilities by developing and administering vulnerability scans; security risk assessments and threat modeling. Implement and coordinate remediation activities.

6) Develop; recommend; implement; communicate; and enforce IT security policies; procedures; practices; standards; and guidelines. Perform compliance audits and recommend corrective action.

7) Collaborate with internal and external audit teams to provide reports and technical support for all security related items within IT.

8) Document exception reports; audit/review reports; technical/process recommendations; reporting of security statistics/metrics; technical standards; procedures; and guidelines.

9) Develop and deliver IT security training to ensure relevant stakeholders and targeted system users maintain current knowledge regarding IT system security; policies; and processes.

10) Support the development of Disaster Recovery (DR) and Business Continuity plans (BCP). Participate in periodic DR/BCP tests and exercises.

11) Develop and deliver communications to senior management regarding strategic security risks and threats. Oversee the communication activity of systems security staff to front-line management and tactical staff.

12) Develop and coordinate the execution of IT system risk management methodologies (i.e. asset protection; business continuity). Identify system vulnerabilities and recommend improvements or corrective action.

13) Provide direction; guidance; and oversight to less experienced team members.

14) Engage in critical infrastructure protection (CIP) and security architecture design and solutions development to include (but not limited to): Protecting Industrial Control Systems; designing and applying security measures to customer environments as prescribed by industry standards such as Presidential Policy Directive 21 (PPD-21) and to provide critical Infrastructure security and resilience to reduce the risk to critical infrastructure by physical means or defense cyber measures to intrusions; attacks; or the effects of natural or manmade disasters.

Education: Bachelor's degree in Computer Science; Business or related field and five (5) years related IT experience or an equivalent combination of education and relevant work experience which typically totals nine (9) years combined education/work and includes five (5) years IT experience in three or more areas (i.e. infrastructure; network; Client Server; application; desktop OS; project management) and/or three (3) years of practical information security experience.


One or more senior Information Security certifications (e.g. CISSP or GIAC) required.

Qualifications: Extensive related systems engineering experience (15-20 years preferred).

Demonstrated experience with security event logs from Windows; Unix; intrusion detection systems; network; and remote access solutions. Thorough knowledge in the following areas: Standard application platforms; Windows; UNIX; database environments; securing web-applications; and cyber forensic investigation techniques and tools. Experience integrating; managing and implementing security applications--VA; SIEM; DLP; Virus/Malware; Web Filtering; IDS/IPS and firewall systems across an enterprise.


General knowledge of Linux; Perl scripting and SQL. Experience using vulnerability scanners such as Nessus; Nmap; and other assessment tools. Demonstrated experience in creating conceptual; logical and physical security diagrams; identifying technology-based security tools; and experience inserting information security controls and checkpoints into the application design process.


Thorough understanding of vulnerabilities and countermeasures. Information Security technology/compliance experience. Familiarity with major regulations such as Sarbanes-Oxley and NERC CIP preferred in the Physical Security space and NIST Risk Management Framework and FISMA for IT and Computer Network Defense (CND) compliance.


Demonstrated experience developing and managing Disaster Recovery/Business Continuity Plans; and tests and exercises of such plans. Detailed understanding of TCP/IP and related communication protocols; Windows authentication mechanisms (Kerberos; NTLM; AD); networking technologies; routing and switching; and risk analysis and risk management methodologies. Ability to manage multiple priorities and work effectively in a fast-paced; high volume; deadline-driven environment.


Ability to rapidly assess a situation and identify; isolate and communicate problems and issues. Excellent communication skills (both oral/written) including ability to clearly communicate risks and risk management issues to technologists and non-technologists. Broad working knowledge of Microsoft Office applications.




As a trusted systems integrator for more than 50 years, General Dynamics Information Technology provides information technology (IT), systems engineering, professional services and simulation and training to customers in the defense, federal civilian government, health, homeland security, intelligence, state and local government and commercial sectors. With approximately 32,000 professionals worldwide, the company delivers IT enterprise solutions, manages large-scale, mission-critical IT programs and provides mission support services. GDIT is an Equal Opportunity/Affirmative Action Employer - Minorities/Females/Protected Veterans/Individuals with Disabilities.