• Cyber Security Architect

    Posted Date 2 months ago(7/21/2019 1:13 PM)
    Requisition #
    6863
    Security Clearance
    None
    FT/PT/On-Call
    Full Time
    Job Category
    Information Security Engineering
    Location
    US-MD-Woodlawn
  • Responsibilities

    As a Cyber Security Architect at Noblis, you will support our federal agencies with their Cyber Risk and Data Protection requirements.  You will leverage comprehensive technical knowledge of security principles and technologies to support the design security architectures and protect critical data and information. You’ll work with and advise federal technology executives at the C-level, as well as Security teams, to design and deploy security architectures in alignment with enterprise security priorities, regulations and requirements in the face of existing and evolving threats.

     

    As a Cyber Security Architect at Noblis you will be part of our Center for Medicare & Medicaid Services (CMS) account team and one of the leaders of our Cyber Center of Excellence (CoE). You will be working with CMS leaders and other government clients to improve cyber and organizational risk profiles. 

     

    The CMS is the largest healthcare coverage provider with over 145 million Americans that rely on the programs CMS administers including Medicare, Medicaid, the Children’s Health Insurance Program (CHIP), and the Exchanges.  CMS processed 1,250,257,000 claims and paid providers $701.8 billion dollars in FY 2018.  These systems are supported by an IT budget of $2.8 billion, as reflected in the FY 2019 Operating Plan.  

     

    In this principal role you will lead our data protection and privacy capability and assist our clients with the design and implementation of targeted solutions that meet and exceed the requirements of best practice, ethical operations, and regulations.  As part of our team, you will perform the following:

     

    Technical Advisory:

     

    Assessment: 

    • Advise clients in understanding the future state problems and challenges in cyber security and work collaboratively with them to enhance capabilities.
    • Document and address client agencies’ information security, data protection, cybersecurity architecture, and systems security engineering requirements.
    • Perform Security Assessments of environments using industry standard frameworks such as ISO, CSA and NIST.
    • Ensures enterprise security architecture appropriately identifies and provides solutions for security requirements established in the National Institute of Standards and Technology (NIST) Cybersecurity Framework, PCI and Health Insurance Portability and Accountability Act (HIPAA). Ensure security architecture is built and maintained in accordance with major, industry-leading frameworks.

    Design:

    • Assist federal client executives in the designing technology and process solutions to deploy and manage their security strategies and reduce data compromise .
    • Develops information technology (IT) rules and requirements that describe baseline and target architectures.
    • Secure the integration of multiple environments (both IT and OT) across on-premise, multi-cloud, and hybrid architectures
    • Design and develop security policies, standards and procedures e.g. firewall management, SSL/IPSec, security incident and event management (SIEM), data protection (DLP, encryption), user account management (SSO, SAML), and password/key management.
    • Assist federal clients with evaluating security vendor solutions as an objective subject matter expert, and develop architecture & design, and testing of data protection and data security solutions

    Implementation:

    • Assist federal clients in deploying and managing technology and process solutions to reduce the potential of data compromise.
    • Develops and maintains business, systems, and information processes to support enterprise mission needs.

    Thought leadership:

    • Engage federal agency clients in developing innovative solutions to address their tactical and strategic needs.  
    • Remain current on industry trends around cyber risk and data protection practices, and security technologies, tools and services to make recommendations for their use based on agency security criteria.
    • Actively serve as a leader in the Noblis Cyber Center of Excellence, which is a company cross-collaboration environment in which Cyber Security colleagues exchange information and share best practices in support of client security architectures.  
    • Contribute to Noblis Sponsored Research projects, by developing new capabilities for clients.
    • Liaise with other security architects and practitioners to communicate security practices and processes.
    • Lead, conduct analysis and recommend process improvements that fosters agility, innovation and cost savings
    • Participate in the development of Whitepapers, articles, presentations and other technical materials relevant to security topics.

    Client engagement:

    • Interface directly with our CMS C Suite and senior management clients.
    • Create accurate reports, supported by objective analyses, in order to facilitate decision-making
    • Develop presentations and reports conveying complex information to non-technical audiences
    • Innovate using lean and agile methodologies and tools (e.g., JIRA, Confluence, HipChat)
    • Work with Noblis Senior Leadership to drive account growth by contributing to or leading RFIs / RFPs, identifying opportunities to provide solutions.
    • Provide overall task management to ensure day to day activities completed on time, with the highest quality, and are within the task on the contract.
    • Provide technical direction and quality review to junior team members in the creation of client deliverables.

    Qualifications

    • Minimum of a Bachelor's degree or equivalent experience (Science, Technology, Engineering or Mathematics)
    • Experience with leading implementation teams or hands-on implementation of encryption solutions for structured and unstructured data
    • Knowledge of practical risk trade-offs in encryption systems design and implementation
    • Knowledge of key management life cycle principles and centralized key management approaches
    • Knowledge of industry encryption standards, including NIST SP 800-57, ISO/IEC 18033, and FIPS 140-2
    • Knowledge of Continuous Diagnostics and Monitoring (CDM)
    • Experience with cloud encryption solutions
    • Understanding of Key Management Interoperability Protocol (KMIP)
    • Knowledge of emerging authentication standards like SPNEGO, OAUTH, OpenID Connect
    • Knowledge of the Federal Information Security Act (FISMA) and Authority to Operate (ATO) process
    • Understanding of the Federal Risk and Authorization Management Program (FedRAMP)
    • Experience/Knowledge of either of Kerberos, Active Directory (AD), or LDAP
    • Ability to thrive in an ever changing, technology-based consulting environment
    • Ability to translate technical requirements into business solutions including experience analyzing current state quantitative and qualitative data, summarizing findings, developing conclusions, and making strategic recommendations
    • Demonstrated leadership experience and ability to adapt, with willingness to readily take ownership of tasks and problems, which often extend beyond initial scope of responsibility
    • Excellent interpersonal and communication skills (verbal and written)
    • Initiative to actively seek new knowledge and improve skills
    • Experience developing proposals, request for information, and client presenting briefings
    • Proficiency in the use of Microsoft Word, PowerPoint, Excel and MS Project.

     

    Desired: 

    • CISSP Certification
    • Experience with hardware security modules (HSM)
    • Understanding of Identity Management
    • Hands on experience with one or more of the following: PKI, Venafi, HSM Certificate Lifecycle Management Application, Security Guardian, Data Encryption, Cryptography, Data Protection.
    • Proficiency with Microsoft Visio, JIRA, Confluence
    • Experience with task leadership or project management (SAFe or Scrum)
    • Master’s degree or higher degree in a related field
    • Agile Certifications, PMI Certifications
    • Experience working with Federal Government clients

    Applicants selected may be subject to a government security investigation and must meet eligibility requirements for access to classified information.

    Noblis is an equal opportunity employer. 

    Overview

    Noblis and Noblis ESI are solving difficult problems that help our government and our country. As an independent, nonprofit organization, we bring the best of scientific thought, management, and engineering expertise with a reputation for independence and objectivity. As a nonprofit management consulting organization, we support a wide range of government and industry clients in the areas of national security, intelligence, transportation, healthcare, environmental sustainability, and enterprise engineering. Our work makes an impact ensuring our nation’s vitality and security.

      

    Why work at Noblis?

    Noblis employees find greater meaning in their work and balance the other things in life that matter to them. Our people are our greatest asset. They are exceptionally skilled, knowledgeable, team-oriented, and mission-driven individuals who want to do work that matters and benefits the public.

     

    Over the past two decades, Noblis has consistently earned wide recognition:

    1. Best Employer:We have been a Washington Post “Top Workplace” for 6 consecutive years (2019, 2018, 2017, 2016, 2015, 2014), including three among the top 10. We’ve also been recognized by Glassdoor “Best Medium-Sized Company to Work For” for 2 years, and received many similar awards in previous years.
    2. Business Ethics and Integrity:We have been recognized by Ethispere Institute as a “World’s Most Ethical Company” for 8 years, and a Finalist at the Greater Washington Government Contractor Awards.
    3. Leadership and Innovation: Our Chief Executive Officer (CEO), Amr ElSawy, was selected to Executive Mosaic’s annual Wash 100 List and as a “Tech Titan” by the Washingtonian Magazine.

    Client Engagement

    · Contribute to large capture strategies, actively engage with clients, and market Noblis capabilities externally
    · Foster appropriate identification and selection of business development opportunities, and provide thought leadership to help shape future work
    · Win 2 task orders, identify big bets or take responsibility for a re-compete

    Apply for this job

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed

    Connect With Us!

    Want to know about available job opportunities at Noblis? Want to receive personalized alerts with jobs that match your skills and interests? Join the Noblis Talent Connection.