Security Architect, Risk, Policy & Compliance Software Development
Our client has requested @Orchard help in finding an experienced professional with extensive knowledge surrounding Security Architecture as it pertains to managing the IT infrastructure for a software development environment supporting Federal Government clients. Work will include all aspects of risk assessment, policy creation, and oversight, as well as Compliance with regulatory environments.
The primary work location will be the company headquarters in Hanover Maryland, and owing to company and Federal client requirements, all individuals will need to either provide proof of vaccination against COVID-19 or a verifiable reason for being unvaccinated. Owing to the nature of the work, and ultimate client, all eligible consultants must be US-Citizens.
As the Security Architect you will be responsible for;
- The design, and execution of the security policies and procedures for the company’s networks.
- Have demonstratable expertise in supporting an Apple (macOS, iOS, iPadOS) environment through the use of JAMF software, combined with Google Workspace
- Coordinating with the IT team to determine hardware and software needs and correct security posture to enable operations.
- Providing technical leadership to project management efforts in determining project scope schedule and resourcing.
- Coordinating with technical writers to develop clear internal and external documentation.
- Assessing and implementing compliance with Federal and contractual obligations for cyber security.
- Review vendor contracts and coordinate IT purchases (hardware, software, and services) to ensure effective deployment of solutions aligned with user needs.
- Overseeing inventory tracking and supply chain risk mitigation.
- Assisting the current DevOps team with implementation, determination, and validation of controls on development networks.
- Collaborating with IT, InfoSec, Compliance, and legal teams to set tool guidelines, standards, and policies.
- Maintaining a security and compliance-focused approach to design, configuration, and administration.
- Collaborating with users to discuss computer data access needs, identify security threats and violations, and identify and recommend needed programming or process changes.