Enterprise Security Architect

Who We Are Vigor, a Titan Company, is a values-driven, diversified industrial businessoperating in six locations with approximately 1,800 people in Oregon, Washington and Alaska. Built around a collection of powerful, unique assets and differentiated capabilities, Vigor excels at specialized shipbuilding, ship repair and handling important, complex projects in support of energy generation, our nation's infrastructure and national defense. With deep respect for people and the planet, Vigor strives to be a positive, regenerative force for good - environmentally, in the lives of our employees and in the community. We have built a positive culture that honors the work we do, the workers who do it, and the world we live in. POSITION SUMMARY: As an Enterprise Security Architect you will operate within the Information Security organization, reporting directly to the Information Security Director. To ensure separation of duties between IT and Information Security (IS) you will oversee and provide guidance and mentorship to IT Network Engineers and other IT personnel who are conducting the implementation of the organization's contractual and business-mandated cyber security requirements, improving the company's overall security posture. You will be responsible for providing recommendations related to the overall architecture, network infrastructure design and application of strategy across multiple companies by working closely between the IT and IS teams.You will also focus on post-implementation assessment of network configurations and controls, advising the Information Security Director regarding the operational, compliance and security components of the overall network infrastructure across multiple companies. You will perform high level end-to-end assessments and reviews, from initial setup and configuration to ongoing change management and vetting of newly proposed networking tools. You will ensure responsible personnel have conducted necessary actions under your guidance for all applicable devices, applications and network infrastructure to properly configure and manage these components. You will have knowledge and familiarity of network and security tools and standards (Security Technical Implementation Guides (STIGS), NIST and related) in order to provide guidance on initial configurations and recommendations for security tools and network setup. ESSENTIAL FUNCTIONS AND RESPONSIBILITIES: Must live the Vigor Values every day Represent Information Security objectives in organizational initiatives. Provide functional and empirical analysis and recommendations related to the proper planning, design, installation and implementation of the network architecture and infrastructure that includes: servers, endpoints, network equipment and enterprise applications. Design Network Topology in order to provide layered security throughout the network. Work with teams to implement and maintain this design. Responsible for establishing and ensuring compliance through appropriate policies, processes and technology with CMMC, NIST SP 800-171, and Naval Nuclear 801 including collection and storage of compliance evidence. Thorough understanding of Information security best practices and regulatory requirements within overall infrastructure, across multiple companies Provide technical expertise for a wide range of Information Security tools, techniques and controls and advise on their incorporation into the IT Technology Roadmap. Proficient with best practice configuration requirements for firewalls with preferred experience in Cisco and Fortinet. Identify cyber security deficiencies and risk mitigation strategies, develop and oversee corrective actions through technical and non-technical measures working in conjunction with the appropriate IT manager Work with Technical Services, Enterprise Applications and End User Support managers to ensure processes are in place to appropriately harden infrastructure server, network and enterprise applications to DISA STIG standards. Contribute to company's IT and Security policies and procedures. Oversee Vulnerability management Program. Provide guidance on the management of Operational Technology (OT) networks Stay up-to-date with the latest security threats, and make ongoing recommendations for improving our security posture. Ability to empathize and collaborate with colleagues, independently manage and run projects, and prioritize efforts for risk reduction. JOB SCOPE: The role operates within general parameters, but must use sound judgment and independent decision making when carrying out job responsibilities. Has the ability to influence existing protocols and modify practices. He/she has the responsibility to oversee the implementation of security measures in line with established government and contract mandated parameters. KNOWLEDGE SKILLS AND ABILITIES: Broad experience directly applicable to position responsibilities listed above Experience in implementations of large-scale compliance programs such as NIST Experience with public cloud service providers (e.g. Microsoft Azure). Experience with identity and access management frameworks and protocols, including SAML, OAUTH, and SCIM. Experience with e-mail security protocols (e.g. SPF, DKIM, DMARC) and controls. Knowledge of modern adversary tactics, techniques, and procedures. Experience with Network infrastructure (Cisco, Fortinet) Understanding of networking concepts (e.g., protocols, topologies, encryption). Ability to perform technical security assessments of large complex systems. Ability to design and develop new security control implementations. Self-motivated and be able to work in a dynamic, changing environment. Broad understanding of cyber threat mitigation techniques and security technologies including emerging trends. Possess excellent interpersonal skills to include working with customers, employees, management and security personnel REQUIREMENTS: Be a U.S. Citizen Ability to obtain an Active DoD Secret Clearance EDUCATION AND/OR EXPERIENCE: 7 years' experience with Bachelor's degree in Computer Science, Engineering or equivalent or 10 years related technical experience (required) 4+ years of work experience in Information Security Experience contributing to Information Security solutions, scope, and architecture Significant experience with Information Security technologies, including vulnerability scanning tools, SIEMs, endpoint protection tools, DLP, and IDS/IPS tools Prefer experience with Tenable.io, ForcePoint, Titus, Titus Illuminate, and Microsoft O365 tools CERTIFICATES, LICENSES, AND REGISTRATIONS: Must have a current version (or obtain within 120 days of start) at least one of the following DoD 8140 IAT Level III professional certifications: CASP+ - CompTIA Advanced Security Practitioner CCNP Security - Cisco Certified Network Professional Security CISA - Certified Information Systems Auditor CISSP (Or Associate) - Certified Information Systems Security Professional GCED - GIAC Certified Enterprise DefenderGCIH - GIAC Certified Incident Handler CCSP - Certified Cloud Security Professional Vigor Values Vigor expects all employees to enhance the atmosphere in which they work by living the Vigor Values every day. Truth: We seek the truth, and we speak the truth Responsibility: We act on what we know is right Evolution : We seek mastery, and adapt to a changing world Love: We care about the people we work with, and the world we live in Vigor and its wholly owned subsidiaries provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, protected veterans, age, disability or genetics. In addition to federal law requirements, Vigor complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, benefits, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

Created: 2024-11-05