Manager, Security Architecture

Kpmg Alexandria , VA 22313

Posted 3 months ago

Known for being a great place to work and build a career, KPMG provides audit, tax and advisory services for organizations in today's most important industries. Our growth is driven by delivering real results for our clients. It's also enabled by our culture, which encourages individual development, embraces an inclusive environment, rewards innovative excellence and supports our communities. With qualities like those, it's no wonder we're consistently ranked among the best companies to work for by Fortune Magazine, Consulting Magazine, Working Mother Magazine, Diversity Inc. and others. If you're as passionate about your future as we are, join our team.

KPMG is currently seeking a Manager, Security Architecture to join our Digital Business Transformation organization.

Responsibilities:

  • Define information security controls and patterns that support risk assessments and support the development of secure architectures

  • Provide technical security expertise to KPMG teams' solutions including communicating security architectural decisions, benefits, and risks

  • Collaborate with technology architecture teams by performing security analysis of proposed architectures, providing risk assessment feedback, including security requirements

  • Provide security consulting services internally to the organization by giving security guidance and functioning as an information security subject matter professional

  • Draft information security standards and baselines

  • Interact with project teams to provide advice on security and assist with compensating control alternatives where security requirements cannot be met

Qualifications:

  • Minimum of five years of progressive security architecture experience; preferably within a professional services firm or similar environment

  • Bachelor's degree from an accredited college or university; preferred certifications in CISSP, (ISC) 2 CCSP, CSA CCSK, and MCSE: Cloud Platform and Infrastructure, AWS Certified Solutions Architect

  • Technical experience with one or more of the following areas: identity management, Active Directory, Intrusion Detection/Prevention and NGFW (Sourcefire, Palo Alto), endpoint protection (Symantec, Bit 9), cloud infrastructure (Azure, AWS), web application firewalls (Imperva)

  • Experience designing and implementing secure architecture and reference architectures: from business requirements gathering to technology rollout oversight, including capacity management, definition of scoring methodologies for technology selection, integration of multiple tools and reporting functionalities, technical documentation

KPMG LLP (the U.S. member firm of KPMG International) offers a comprehensive compensation and benefits package. KPMG is an affirmative action-equal opportunity employer. KPMG complies with all applicable federal, state and local laws regarding recruitment and hiring. All qualified applicants are considered for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other category protected by applicable federal, state or local laws. The attached link contains further information regarding the firm's compliance with federal, state and local recruitment and hiring laws. No phone calls or agencies please.


See if you are a match!

See how well your resume matches up to this job - upload your resume now.

Find your dream job anywhere
with the LiveCareer app.
Download the
LiveCareer app and find
your dream job anywhere
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Information Systems Security Manager (Top Secret Clearance)
New!

Seneca Resources

Posted Today

VIEW JOBS 11/20/2018 12:00:00 AM 2019-02-18T00:00 Seneca Resources is client driven provider of strategic Information Technology consulting services and Workforce Solutions to government and industry. We are a leading IT services provider headquartered in Reston, VA with offices in Richmond, VA Birmingham, AL and Columbia, MD that service clients throughout the United States. The key to our success lies within our strong corporate culture which drives our business. We challenge our staff through engaging work, and we reward our staff through competitive compensation, extensive professional training, and excellent opportunities for career advancement. In turn, we look for only the best and brightest to join our team. <br />  <br /> <br /> <br /> <b>Title:</b> <b> Information Systems Security Manager</b><br /> <b>Location:</b>  <strong>Alexandria</strong><b><strong>,</strong> VA</b><br /> <b>Employment Type: Full Time  </b><br /> <b>Compensation: Extremely Competitive</b><br /> <strong>Clearance: Top Secret</strong><br /> <br /> <br />   <table border="0" cellpadding="0" cellspacing="3" width="593"> <tbody> <tr> <td><b>Job Description:</b></td> </tr> <tr> <td>Serve as Information Systems Security Manager (ISSM) for classified computers in DoD and Intelligence Community computing environments.  Maintain day-to-day security posture and continuous monitoring of IS including security event log review and analysis.  Ensure system security measures comply with applicable government policies. Provide configuration management and accurately assess the impact of modifications and vulnerabilities for each system.  Maintain thorough understanding of NIST 800-53 controls, and determine which controls are applicable to the application, as well as document implementation in Security Controls Tractability Matrix (SCTM).  Conduct reviews and technical inspections (as prescribed by the Lead ISSM) to identify and mitigate potential security weaknesses, and ensure that all security features applied to a system are implemented and functional.  Assist the Lead ISSM in monitoring and resolving Plan of Action and Milestones (POA&M) to mitigate system vulnerabilities on assigned Information Systems.  Draft and/or prepare and maintain security Assessment and Authorization documentation (e.g., IA SOP, SSP, MSSP, RAR, SCTM</td> </tr> </tbody> </table>   <table border="0" cellpadding="0" cellspacing="3" width="593"> <tbody> <tr> <td>The Information Technology (IT) Information Systems Security Team establishes and maintains the classified technology infrastructure and application support services required by our analysts to deliver timely, objective and cost-effective analysis. We design, develop, and deploy hardware- and software based solutions in close coordination with our client-facing groups while adhering to strict security protocols.</td> </tr> <tr> <td><br /> <b>Requirements:</b></td> </tr> <tr> <td>• Bachelor's degree in an IT-related field or equivalent experience.<br /> • Experience as an ISSM implementing NISPOM Chapter 8, JAFAN 6/3, DCID 6/3, ICD 503, and/or JSIG IS requirements.<br /> • 10+ years of experience in information assurance technology or a related area.<br /> • Have or obtain CISSP certification per DoD Directive 8570.1 within 6 months upon being hired.<br /> • In accordance with Department of Defense (DoD) 8570.01M, must meet the proficiency and certification requirements of an IAM Level II. Acceptable certifications include CISSP, CISM, and GSLC.<br /> • Experience in a research and development environment where software and algorithms are developed.<br /> • Experience in developing external customer relationships and communications (e.g., DSS, NRO, DARPA, IARPA, AF, Navy)<br /> • Proficient in Microsoft Office programs, including Word, Excel and PowerPoint, and a working knowledge of Microsoft desktop operating systems.<br /> • Proficient in Microsoft Enterprise environment and the security architecture.<br /> • Effective oral and written communication skills for working within a team environment.<br /> • Ability to exercise independent judgment and to work autonomously with minimal supervision.<br /> • Experience configuring systems for compliance with Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs).<br /> • Experience validating system compliance using the Security Content Automation Protocol (SCAP) Validation Tool.<br /> • Experience using the Assured Compliance Assessment Solution (ACAS) for vulnerability scans, network configuration assessments, and network discovery.<br /> • Experience administering Red Hat Linux systems in a classified computing environment. <br /> • Comfortable managing secure Public Key Infrastructure environments.<br /> • Maintains awareness of upcoming customer / government driven changes and challenges and suggests approaches to meet those challenges.<br /> • Experience with DoD Risk Management Framework (RMF), NIST SP 800-53, and NISPOM.<br /> • Excellent time management skills; keeps commitments.<br /> • Have an active TOP SECRET security clearance and ability to obtain SCI and SAP/SAR clearances.<br /> <br /> <b>Preferred Qualifications</b><br /> • Previous experience working as a security professional in a SAP/SCI environment.<br /> • Familiarity conducting vulnerability scans.<br /> • Familiarity with the ODAA Baseline Standard requirements, Joint Special Access Program (SAP) Implementation Guide (JSIG) and Risk Management Framework (RMF).<br /> • Excellent communications skills (written & oral), ability to conduct IS user briefings.<br /> • Bachelor’s degree in one of the following but not limited to: Information Technology, Information Assurance, Computer Information Systems, or Criminal Justice.<br /> • Experience in PERSEC, COMSEC and/or program security roles. </td> </tr> <tr> <td> </td> </tr> <tr> <td> </td> </tr> </tbody> </table>  <br />   Seneca Resources Alexandria VA

Manager, Security Architecture

Kpmg