IT Security Architecture Technical Lead - AWS

Job Family :

IT Cyber Security

Travel Required :

Up to 10%

Clearance Required :

None

What You Will Do :

Our Security Architecture Technical Lead - Amazon Web Services (AWS) is a technical leader focused on IT Security solutions research, design, implementation, testing, and documentation within the AWS environment. They will work hand in hand with the IT Security Architecture team, the IT Architecture team, and Solution Engineering & Architecture (SE&A) team on all solutions but are focused on the IT Security equities within the AWS environment. Effectively leads and manages complex IT Security Architecture projects that may span company-wide initiatives within scope, timeline, and budget. Applies technical knowledge to innovation and performance improvement while demonstrating critical thinking and sound logic when assessing problems and opportunities in generating solutions. Contributes to ensuring the current and future over the horizon capabilities of Guidehouse security systems, maintaining, and protecting Guidehouse and Client data within AWS to the NIST SP 800-171, NIST SP 800-53, ISO 27001, ISO 20000, HIPAA, and HITRUST standards. Contributes to keeping Guidehouse abreast of all the best of breed capabilities within AWS that continue to make Guidehouse a technology pathfinder within the industry. Reports directly to the Chief Information Security Architect.

Job Function:

Assists in the organization, development and implementation of IT Security Architecture initiatives that support overall IT Security goals and objectives that may span company-wide initiatives

Demonstrates clear and effective written and verbal communication skills; delivered in a professional, respectful, and timely manner

Produces “client-ready” deliverables and help manage the quality of IT Security Architecture’s work products based on established or establishing KPIs and applicable professional standards and best practices, including appropriate methodologies, tools, and resources

Structures work product that clearly conveys complex issues; synthesizing various inputs to articulate a clear point of view, as needed

Identifies critical issues to be communicated and inform all appropriate stakeholders; adapting messages and approach based on the audience

Designs and implements security frameworks for applications hosted on AWS, ensuring they comply with regulatory requirements and industry standards

Documents and maintains the AWS security architecture framework

Assists in conducting risk assessments and security audits to identify vulnerabilities and recommending mitigations to enhance security posture

Collaborates with IT and development teams to integrate security practices into the DevOps pipeline, promoting a culture of security awareness

Configures and assists with management of AWS security services such as Identity and Access Management (IAM), Amazon Cognito, AWS Key Management Service (KMS), and AWS Shield to safeguard against unauthorized access and threats

Configures and assists with management of AWS specialized data classifications and data protection mechanisms

Designs and configures monitoring and alerts using AWS Security Hub in accordance with Guidehouse Policies, Standards, and Procedures

Assists with the development of incident response strategies and efforts to address security incidents and breaches, minimizing impact on business operations

Demonstrates active listening skills that contribute to deeper understanding of the team and client

Engages in complex technical discussions, ask open-ended questions where appropriate, suggest specific actions, and identify next steps

Demonstrates honest and professional behavior in all interactions

Helps keep the technical services provided to clients in compliance with regulations, laws, policies and procedures

Anticipates and proposes solutions for areas of potential risk; resolving and/or escalating issues when appropriate

Learns to assume and embrace an appropriate level of risk

Contributes to risk mitigation and contingency planning in alignment with IT Security leadership guidance

Uses creativity, analytical thinking, and good judgment to develop new technical solutions that solve complex problems

Identifies and incorporates improvements to systems or processes to enhance performance of IT Security programs/projects

Adapts to situational demands and model and encourage flexibility and willingness to take on diverse tasks across different areas/functions, working effectively in unstructured or unclear circumstances

Promotes the development of new technical knowledge and skills within IT Security Architecture team

Aligns work to support the execution of the strategy

Stays current on best practices and methodologies relevant to work

Facilitates discussions with stakeholders to ensure alignment on concepts and approaches, anticipating issues

Leads by example, presenting themselves and the company in a manner that always promotes a positive lasting impression of high quality, promptness, and professional service

Understands and properly manages client expectations in line with engagement scope; regularly communicate project status

Seeks out impactful ways to deliver a positive client/stakeholder experience and add value, acting with the best interest of the client and the firm in mind

Demonstrates subject matter expertise of AWS technologies and services, as well as knowledge of best practices in cloud security

Ability to participate in cross- functional discussions on projects and processes

Achieves operational targets with major impact on results

Facilitates discussions with external clients or stakeholders to ensure alignment on concepts and approaches

Demonstrates strong knowledge of project management

Influences others inside and outside of IT Security to justify practices, policies, and procedures

Introduces and applies fresh ideas and creative solutions to stimulate discussion and thinking in both internal and external situations

Regularly employs ingenuity and creativity to develop new technical solutions to solve difficult and moderately complex problems

Relies on extensive experience to independently develop approaches to solutions within IT Security Architecture

Leads others to solve complex problems; uses sophisticated analytical thought to exercise judgement and identify innovative solutions

Responsible for making moderate to significant improvements of systems or products to enhance performance of programs/projects

Identifies and incorporates moderate improvements to systems or processes to enhance project performances within IT Security Architecture

Contributes to or manages large projects or processes with limited guidance or oversight, delegates work to lower-level employees and reviews others' work products

Responsible for providing guidance, coaching, and training to other employees across the Company within technical area of expertise. Typically, responsible for leading large, complex project initiatives of strategic importance to the organization, involving large cross-functional teams (without direct reporting relationships)

What You Will Need :

Bachelor’s Degree, plus 6 years of professional experience OR (10 years of professional experience can be substituted for degree)

Clearance: Ability to obtain a National Security Clearance or a U.S. Federal Government Public Trust

Must be able to work East Coast US business hours

Experience working with executives

Extensive experience with AWS environments, network security, and information security principles

Experience configuring and managing AWS security services such as Identity and Access Management (IAM), Amazon Cognito, AWS Key Management Service (KMS), and AWS Shield to safeguard against unauthorized access and threats

Extensive experience with AWS Security Hub

Experience with AWS Control Tower

Experience architecting IT General Controls

Working knowledge of NIST SP 800-171 and NIST SP 800-53

Experience managing multi-geographic cloud resources while implementing controls compliant with NIST SP 800-171, NIST SP 800-53, ISO 27001, ISO 20000, HIPAA, HITRUST, or GDRP

Experience documenting processes and procedures to comply with required NIST SP 800-171, NIST SP 800-53, ISO 27001, ISO 20000, HIPAA, HITRUST, or GDRP

Significant demonstrated experience working with cloud first solutions that are implemented globally

Experience SIEM architectural design, such as Splunk or AWS Security Hub to support incident response and proactive threat hunting

Working knowledge of ZeroTrust environments, implementation strategies, and best business practices within AWS

Experience architecting data loss protection (DLP) and sensitive information management within AWS

Experience architecting external entity federations and external authentication strategies within AWS

Ability to work on many concurrent, and changing priorities

Action-oriented and able to manage and meet aggressive timelines and deadlines

Strong analytical skills, attention to detail, and effective communication abilities are essential

Must have excellent organizational and time management skills

What Would Be Nice To Have :

Computer-related Degree OR cyber field related or Master's with 2-4 years of experience

Experience working with US Federal Law Enforcement and/or Intelligence Communities

Shall possess one OR more of the following certifications OR equivalent:

AWS Certified Cloud Practitioner Foundational

AWS Certified Security Specialty

AWS Certified Solutions Architect Associate

AWS Certified Solutions Architect Professional

AWS Certified DevOps Engineer Professional

AWS SysOps Administrator Associate

AWS Certified Data Engineer

AWS Machine Learning Specialty

(ISC)2 Certified Information Security Professional (CISSP) – Information Systems Security Architecture Professional (ISSAP)

CREST Registered Technical Security Architecture (CRTSA)

EC-Council Certified Network Defense Architect (CNDA)

GIAC Defensible Security Architecture (GDSA)

Demonstrated ability to learn and document new technologies/solutions

Experience with ServiceNow is a plus

Experience working in an ITIL environment

The annual salary range for this position is $99,500.00-$149,300.00. Compensation decisions depend on a wide range of factors, including but not limited to skill sets, experience and training, security clearances, licensure and certifications, and other business and organizational needs.

What We Offer :

Guidehouse offers a comprehensive, total rewards package that includes competitive compensation and a flexible benefits package that reflects our commitment to creating a diverse and supportive workplace.

Benefits include:

Medical, Rx, Dental & Vision Insurance

Personal and Family Sick Time & Company Paid Holidays

Position may be eligible for a discretionary variable incentive bonus

Parental Leave and Adoption Assistance

401(k) Retirement Plan

Basic Life & Supplemental Life

Health Savings Account, Dental/Vision & Dependent Care Flexible Spending Accounts

Short-Term & Long-Term Disability

Student Loan PayDown

Tuition Reimbursement, Personal Development & Learning Opportunities

Skills Development & Certifications

Employee Referral Program

Corporate Sponsored Events & Community Outreach

Emergency Back-Up Childcare Program

Mobility Stipend

About Guidehouse

Guidehouse is an Equal Employment Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, national origin, ancestry, citizenship status, military status, protected veteran status, religion, creed, physical or mental disability, medical condition, marital status, sex, sexual orientation, gender, gender identity or expression, age, genetic information, or any other basis protected by law, ordinance, or regulation.

Guidehouse will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of applicable law or ordinance including the Fair Chance Ordinance of Los Angeles and San Francisco.

If you have visited our website for information about employment opportunities, or to apply for a position, and you require an accommodation, please contact Guidehouse Recruiting at 1-571-633-1711 or via email at [email protected] . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodation.

Guidehouse does not accept unsolicited resumes through or from search firms or staffing agencies. All unsolicited resumes will be considered the property of Guidehouse and Guidehouse will not be obligated to pay a placement fee.