Our client is looking for a business-savvy, detail-oriented Cyber Security Architect to manage the SDLC / DISA STIG(s) / CSfC lifecycle cyber security requirements for its flagship software and hardware products. The successful candidate must understand the ins and outs of US Government security requirements related to Cyber Security [NIST / DISA / others], stay abreast of them, and modify the program as requirements evolve. The candidate will be a trusted advisor to internal agile development and engineering teams.
Cyber Security Architect Responsibilities
What it takes: You are adept at ensuring alignment with cyber security requirements, business needs and various engineering teams focused on successful product delivery. You approach challenges with a solution-oriented mindset and a track record of success.
Partner with internal customers and teams to translate cyber security non-functional requirements into system level functional requirements and define a coordinated product development, software development, quality assurance – system development lifecycle – management and oversight approach that consistently exceeds expectations.
Provide technical advisory services from design, development and DevSecOps to internal customers.
Work closely with internal teams to continuously provide feedback for improvement.
Ensure alignment with compliance frameworks, security architecture standards and patterns.
Integrate DEV/SEC/OPS processes across Engineering, Software Development and Quality Assurance departments.
Educate, train and provide guidance for best practices to key team members.
Function as the Application Owner [in accordance with industry best practices] for:
DISA STIG requirements lifecycle;
NISTIR 8170 requirements lifecycle;
NISTIR 8011 requirements lifecycle;
NIST “Hardware Enabled Security”;
NIST Risk Management Framework requirements lifecycle.
Cyber Security Architect Qualifications
Ability to build positive relationships across multiple stakeholders, senior leadership team and department heads.
Clear and agile thinking and analysis that leads to win-win innovative solutions while delivering on-time and on budget.
Executive-level written and verbal communication skills, interpersonal and collaborative skills.
10+ years of enterprise IT experience.
Experience working with compliance frameworks for security (HIPAA, PCI, NIST or ITAR).
Knowledge of the OWASP Web Services Framework, tools and methodologies, and how best to integrate and leverage them into existing and planned architectures.
Knowledge of the OASIS Open Standards Framework, tools and methodologies, and how best to integrate and leverage them into existing and planned architectures.
Must be able to self-organize workloads and manage all deadlines.
Maintain a “voice of the customer” based approach to assigned tasks.
Keep the leadership team informed and up to date on ongoing operational issues, blockers, and constraints.
Drive tasks to completion with expected quality and quantity of work product.
Demonstrates a profound sense of ethics, integrity, and confidentiality, adhering to a core set of values, in good times and in bad, consistent with company vision and values.
Attention to detail is a must.
Performance requires physical attendance.
Other duties as assigned.
VanderHouwen is an award-winning, Women-Owned, WBENC certified professional staffing firm. Founded in 1987, VanderHouwen has been successfully placing experienced professionals throughout the Pacific Northwest and nationwide. Our recruitment teams are highly specialized in either Technology and IT, Engineering, or Accounting and Finance career markets. Our recruiters value building meaningful, professional relationships with each candidate as well as developing honed knowledge of companies' staffing needs and workplaces. Partner with us to land your next exciting career.
VanderHouwen is an Equal Opportunity Employer and participates in E-Verify. VanderHouwen does not discriminate on the basis of race, color, religion, sex, national origin, age, disability, or any other characteristic protected by applicable local, state or federal civil rights laws.