Security Architect/Engineer

Job Family:

Cyber Consulting

Travel Required:

None

Clearance Required:

Active Secret

What You Will Do: ​

Guidehouse is seeking a knowledgeable Security Architect/Engineer to join our expanding Cybersecurity practice. The ideal candidate will be responsible for designing, building, testing, and implementing security systems within an organization’s IT network. A Security Architect is expected to have a thorough understanding of complex IT systems and stay up to date with the latest security standards, systems, and authentication protocols, as well as best practice security products.

Duties and responsibilities include:

• Perform security reviews, identify gaps in security architecture, and develop a security risk management plan.

• Develop/integrate cybersecurity designs for systems and networks with multilevel security requirements or requirements for the processing of multiple classification levels of data primarily applicable to government organizations.

• Document and address organization's information security, cybersecurity architecture, and systems security engineering requirements throughout the acquisition life cycle.

• Employ secure configuration management processes.

• Ensure that acquired or developed system(s) and architecture(s) are consistent with organization's cybersecurity architecture guidelines.

• Develop, review, and approve installation requirements for LANs, WANs, VPNs, firewalls, routers, and related network devices.

• Determine security protocols by evaluating business strategies and requirements.

• Develop project timelines for ongoing system upgrades.

• Review system security measures and implements necessary enhancements.

• Conduct regular tests and monitoring of network security.

• Conduct system security architecture review and design target-state architecture to meet security standards and compliance requirements.

• Demonstrated experience with cybersecurity policies, tools, and architecture.

• Certification: AWS Certified Solutions Architect (Professional), AWS Certified Security (Specialty), MCSE (Cloud Platform and Infrastructure), or Microsoft Certified Azure Solutions Architect Expert

• Demonstrated experience architecting, designing, and presenting AWS architecture including infrastructure components.

• Demonstrated experience communicating services migration strategies to key stakeholders.

• Demonstrated experience identifying and converting technical requirements of a project into a secure cloud architecture design.

• Demonstrated experience migrating systems to IaaS. 

• Strong knowledge of FISMA, FedRAMP, NIST SP 800-53 and other federal cybersecurity related policies, directives, and mandates.

• Extensive knowledge of application of security technologies including SIEM, DLP, WAF, IPS, firewall, and related tools

• Demonstrated ability to work independently under general direction.

• Assess current architectures and configurations and recommend enhancements.

• Document the current and target architectures.

• Advise on roadmaps and implementation plans for enhancements.

• Lead technical initiatives, including hands on configuration, design, and support.

• Work across multiple stakeholders to understand needs, concerns, and risks.

• Identify, document, and recommend changes to improve quality of service, cost efficiency, cost effectiveness and utility of IT services.

• Implement new or replace existing implementations for security services.

• Implement or modify capability to add a new source of data, and assist network and IT service organizations with design, documentation, and deployment planning for capability to monitor, assess, and report security events.

• Advise on key initiatives to include Zero Trust, Control Automation, Log Management, and SOAR.

• Complete meetings daily with the client, assist in building standards and metrics, assist in completing presentations for the client, and execute the daily tasks assigned to the role.

What You Will Need:

• An ACTIVE and MAINTAINED SECRET Federal or DoD security clearance.

• Bachelor’s degree

• THREE (3) or more years experience in architecture/engineering and/or deploying complex IT systems.

• Strong working knowledge of IT security architecture.

• Advanced understanding of security protocols.

• Experience implementing multi-factor authentication.

• Experience implementing security solutions.

• Great communication and interpersonal skills.

• Comfortable working on a team

What Would Be Nice to Have:

• An ACTIVE and MAINTAINED TOP SECRET Federal or DoD security clearance

• Master’s degree

• Certified Information Systems Security Professional – Information Systems Security Architecture Professional (CISSP-ISSAP) or related certification

• PMP certified.

• FIVE (5) or more years of hands-on experience with cybersecurity policies, tools, and architecture.

• TWO (2) or more years of experience architecting, designing, and presenting AWS architecture including infrastructure components and share services migration strategies to key stakeholders; identifying and converting technical requirements of a project into the secure architecture and design that will guide the final solution; ensuring the right security technology or technologies are implemented.

• TWO (2) or more years of experience migrating systems to AWS.

• TWO (2) or more years of experience designing and deploying systems aligned with Zero Trust Architecture principles, threat scenarios, reference architectures, and governance frameworks.

• The candidate must have client service experience and strong communication skills (both oral and written) and presentation skills.

• The ideal candidate will be highly technical and should possess an advanced understanding across a broad range of security technologies and will take a proactive approach to cyber incidents.

• Experience working with each phase of the Incident Response Life Cycle in NIST and ISO standards and hands-on experience in creating and executing cyber hunting missions.

• Problem-solving skills with the ability to handle challenges under pressure.

• Experience and proven track record of finding and responding to cyber threats and incidents. As a key member of the Cyber Security Solutions Incident Response offering team, flexibility, and broad knowledge of security processes, along with strong communication and collaboration skills will result in a successful candidate. 

• Direct hands-on expertise in the following areas of information security: knowledge of information security solutions including data loss prevention; intrusion detection and prevention; network security monitoring; and vulnerability management in global environments.

The annual salary range for this position is $113,000.00-$188,000.00. Compensation decisions depend on a wide range of factors, including but not limited to skill sets, experience and training, security clearances, licensure and certifications, and other business and organizational needs.

What We Offer:

Guidehouse offers a comprehensive, total rewards package that includes competitive compensation and a flexible benefits package that reflects our commitment to creating a diverse and supportive workplace.

Benefits include:

• Medical, Rx, Dental & Vision Insurance

• Personal and Family Sick Time & Company Paid Holidays

• Position may be eligible for a discretionary variable incentive bonus

• Parental Leave and Adoption Assistance

• 401(k) Retirement Plan

• Basic Life & Supplemental Life

• Health Savings Account, Dental/Vision & Dependent Care Flexible Spending Accounts

• Short-Term & Long-Term Disability

• Student Loan PayDown

• Tuition Reimbursement, Personal Development & Learning Opportunities

• Skills Development & Certifications

• Employee Referral Program

• Corporate Sponsored Events & Community Outreach

• Emergency Back-Up Childcare Program

• Mobility Stipend

About Guidehouse
Guidehouse is an Equal Employment Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, national origin, ancestry, citizenship status, military status, protected veteran status, religion, creed, physical or mental disability, medical condition, marital status, sex, sexual orientation, gender, gender identity or expression, age, genetic information, or any other basis protected by law, ordinance, or regulation.

Guidehouse will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of applicable law or ordinance including the Fair Chance Ordinance of Los Angeles and San Francisco.

If you have visited our website for information about employment opportunities, or to apply for a position, and you require an accommodation, please contact Guidehouse Recruiting at 1-571-633-1711 or via email at RecruitingAccommodation@guidehouse.com. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodation.

Guidehouse does not accept unsolicited resumes through or from search firms or staffing agencies. All unsolicited resumes will be considered the property of Guidehouse and Guidehouse will not be obligated to pay a placement fee.