Security Architect

Want to work for a company that offers excellent opportunity combined with a worthwhile mission? Navy Mutual is that company and we are looking for talented people to join our team!

As a Security Architect for Navy Mutual you will play a critical role in 

developing and maintaining a Security Architecture process that enables the enterprise to develop and implement security solutions and capabilities that are clearly aligned with business, technology and threat drivers. 

We are not just looking for anyone... we are looking for the right person to bring their professionalism, knowledge and drive to succeed to our team

What will you be doing?

• Develops and maintains a Security Architecture process that enables the enterprise to develop and implement security solutions and capabilities that are clearly aligned with business, technology and threat drivers
• Works cooperatively with all staff to meet the business and customer needs of Navy Mutual, while managing processes and methods for auditing and addressing information security standards; and facilitates migration of non-compliant environments to compliant environments
• Informs and conducts security audits within and outside the organization, to ensure compliance with standards and currency with industry security norms 
• Manages and participates in the planning and implementation of security administration for all IT projects; and makes recommendations and assists in the implementation of changes to work methods and procedures to make them more effective or to strengthen security measures 
• Develops security strategy plans and roadmaps based on sound enterprise architecture practices
• Develops and maintains Security Architecture artifacts (e.g., models, templates, standards and procedures) that can be used to leverage security capabilities in projects and operations
• Determines baseline security configuration standards for operating systems (e.g., OS hardening), network segmentation and identity and access management (IAM)
• Participate in the design and execution of the back-up disaster recovery systems, and contingency operations; and participates in systems back-up regimen as needed
• Create and maintain a security training program, and perform regular security awareness training for all employees, to educate and ensure compliance with the organization's  security policies, standards, and procedures
• Responsible for maintaining project software and documentation inventory and configuration baselines
• Establishes and maintains all CM processes and procedures; including library and software development information, impact assessments, incident reports, and software change notices, etc.; on a continuous basis
• Identifies and implements processes to strengthen, streamline and automate build processes; and serve as an advocate for best practices to drive the development and maintenance of build automation tools
• Maintain operational configurations of all in-place solutions as per the established baseline control efforts, using automated CM tools
• Responsible for change management controls and reporting/documentation
• Manage relationships with contractors and vendors as needed
• Establishes a taxonomy of indicators of compromise (IOCs) and share this detail with other security colleagues, including the security operations center (SOC), information security managers and analysts, as well as counterparts within the network operations center (NOC)
• Other duties as assigned

What do you bring to the table?

• Computer Science or related Bachelor's degree and 5-10 years of relevant experience required.  Advanced technical training and experience with auditing and maintaining security of systems and information is required. 
• Experience in using architecture methodologies such as SABSA, Zachman and/or TOGAF.
• Direct, hands-on experience or strong working knowledge of managing security infrastructure - e.g., firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), endpoint protection, SIEM and log management technology.
• Verifiable experience reviewing application code for security vulnerabilities.
• Experience securing CI/CD pipelines
• Direct, hands-on experience or a strong working knowledge of vulnerability management tools.
• Documented experience and a strong working knowledge of the methodologies to conduct threat-modeling exercises on new applications and services.
• Experience designing the deployment of applications and infrastructure into public cloud services.

• Payment Card Industry Data Security Standard (PCI-DSS)
• General Data Protection Regulation (GDPR)
• Privacy Practices
• ISO 27001/2
• NIST Cybersecurity Framework (CSF)

Full-stack knowledge of IT infrastructure:

• • Applications
  • Databases
  • Operating systems - Windows and Linux
  • Hypervisors
  • IP networks - WAN and LAN
  • Storage networks - Fibre Channel, iSCSI and NAS
  • Backup networks and media

Direct experience designing IAM technologies and services:

• • Active Directory
  • Lightweight Directory Access Protocol (LDAP)
  • Amazon Web Service (AWS) IAM

Strong working knowledge of IT service management (e.g., ITIL-related disciplines):

• • Change management
  • Configuration management
  • Asset management
  • Incident management
  • Problem management