SR Cloud Security Architect

Sacramento Municipal Utility District Sacramento , CA 94204

Posted 4 months ago

Minimum Qualifications

Education:

Bachelor's degree in Cybersecurity, Information Security, Information Technology or closely related field (i.e Computer Science, Systems Engineering, Electrical Engineering) or seven years' experience.

Experience:

Three (3+) or more years of progressively relevant professional or technical experience in cybersecurity and/or information security.

Knowledge Of:

Principles and practices of cybersecurity and information technology systems. Principles and practices of system security engineering, design, development, analysis, testing and security administration.

Advanced methods and techniques of evaluating security and privacy requirements and developing secure solutions for SMUD systems. Methods and techniques of developing data security, integrity, backup and recovery processes. Project management methodologies.

Principles and practices of systems and procedures analysis and design. English composition and business writing and vocabulary standards; methods and techniques for report preparation and writing; methods and techniques for record keeping; modern office practices and procedures.

Skill To:

Problem solve, analytical and troubleshooting capabilities; ability to learn new skills quickly with minimal guidance; ability to achieve project schedules and milestones; work in a team environment with aggressive deadlines and multiple priorities while staying a team player; facilitation and presentation skills; strong verbal and written communication skills as well as strong interpersonal skills; ability to listen, learn, speak up, and mentor; attention to detail; skill to work with different groups and diverse projects as a partner; skill to perform privacy and/or security reviews including regulatory and industry assessments, risk analyses, information inventory and data mapping, vendor management security assessments, and additional privacy or cybersecurity compliance related projects.



icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Sr RSA Archer Architect

Two95 International Inc.

Posted 1 week ago

VIEW JOBS 10/8/2019 12:00:00 AM 2020-01-06T00:00 <p><strong>Position : </strong><strong>Sr Archer RSA Architect</strong></p> <p><strong>Duration : 1+ Years ( Long Term )</strong></p> <p><strong>Location : Sacramento, CA</strong></p><p><strong>Requirements</strong></p><p><strong>MANDATORY QUALIFICATIONS</strong></p><p>1. A minimum of three (3) years’ experience within the past eight (8) years standing up and implementing the entire RSA Archer GRC platform, performing network engineering services on a large, complex network infrastructure (i.e., 10+ Gbps network with multiple locations tied together using an MPLS or equivalent WAN infrastructure. That network experience must include desktop/workstation and server DMZ and n-tier application zoning. Network engineering services must have been performed on a variety of network devices (e.g., switches, core and BGP routers, firewalls, proxies, etc. - at least 3 different device types) from a variety of network device manufacturers (e.g., Cisco, Palo Alto, Juniper, etc. - at least 2 different vendors). </p><p>2. A minimum of two (2) years’ experience within the past five (5) years performing systems engineering services for a large (i.e., 10 Gbps switches, over 10 vLANs, multiple firewalls, etc.) datacenter environment using a variety of both physical and virtual system platforms (e.g., Linux, VMWare, Hyper-V, AWS, Windows Server, etc. - at least 3 different platforms). </p><p>3. A minimum of two (2) years’ experience within the past eight (8) years performing baseline systems data collection, analysis and reporting for large, complex organizations similar to California, preferably state or federal government. </p><p>4. A minimum of two (2) years’ experience within the past eight (8) years performing system and/or application configuration and scripting in a complex environment. </p><p></p><p><strong>NETWORK ENGINEERING TASKS </strong></p><p>Design and build an additional VLAN </p><p>A. There should be 1 VLAN for security tools (the existing one) and another new VLAN for SOC/Solutions user space. </p><p>B. A dev/test environment will be established. </p><p>C. Audit existing tools VLAN to ensure only cybersecurity tools reside within the IP space. Migrate any nodes off that shouldn’t be there (e.g., key-card reader system). </p><p>D. Implement the new VLAN as logically segmented so we can have workstation, DMZ (for public facing web components), and VDI zones. (The DMZ and/or workstation segments may need to be further segmented [e.g., one set of workstation IPs for a lab/test environment, another for the SOC, another for Solutions, one part of the DMZ for lab/test, another for our internal tools use, another for customer access to our services/tools].</p><p>E. Ensure external security data sources have a clear path to the appropriate IP on the correct port (e.g., cloud-based endpoint protection can get endpoint security logs from its cloud infrastructure into Splunk). </p><p>Troubleshoot (provide recommendations and implement approved solutions for existing known network issues with our tools implementation) </p><p>A. Implement the load balanced vIP for the syslog collectors </p><p>B. Troubleshoot network paths and firewall configurations and resolve all issues to ensure that all CDT network nodes have a clear path to the syslog collectors (i.e., the vIP, so long as that has been implemented correctly) or the Splunk indexer cluster using the appropriate port (i.e., UDP 514 / TCP 10514 to the generic collectors, other ports to the advanced collectors for port-based filtering, TCP 8089 to the cluster master and 9997 to the indexer cluster itself). </p><p>C. Migrate the Hiperwall devices and 5 workstations that are currently on the security tools subnet to the new “security users” VLAN/subnet. </p><p>D. Troubleshoot and configure any firewalls and network devices that are having issues sending logs to our SIEM to successfully send logs (e.g., still don’t have a firewall sending logs to Splunk). </p><p>Build and configure appropriate network paths required for security tools integration </p><p>A. Ensure the IDS cluster and IPS cluster have functional network path, as required for any integration (both internal and external). </p><p>B. Clear the network path for integration of all appropriate tools (e.g., Splunk, definitely the IDS and maybe the IPS clusters, Remedy, possibly NetBrain, etc.) with Archer. </p><p>Generate and provide documentation for effective security operations </p><p>A. Architecture and configuration documentation for the security subnets and zones. </p><p>B. Architecture and configuration of other critical CGEN network points. </p><p>C. Architecture diagram of the high-level/superset of CDT’s network – a global view. </p><p>D. Recommendations of knowledge/documentation gaps to be filled at some point. </p><p><strong>SYSTEMS ENGINEERING TASKS </strong></p><p>Coordinate with CDT technology groups to ensure all system logs are sent to Splunk within 30 days of contract start </p><p>A. Most systems should have Splunk Universal Forwarder installed via package.</p><p>B. Systems unable to install the Universal Forwarder tool will need to be configured to send syslogs to Splunk's syslog collectors. </p><p>Assist with RSA Archer implementation </p><p>A. Assist with configuration of all instances of Archer (i.e., GRC, SecOps, tools), including all dependencies (e.g., IIS, MS SQL Server, VM platforms, etc.). </p><p>B. Design, test, and document the migration process from the current Dev/Test environment to a 3-tier Production environment. </p><p>C. Ensure all firewalls are open for complete integration of Archer with all other interfaced systems (e.g., Remedy, Splunk, etc.) while keeping Archer systems within a secured network zone.</p><p>Assist with tools integration </p><p>A. Ensure that the IDS tools are tuned properly, with golden images prepared and loaded, and with all IDS devices communicating effectively to properly detect security events across the asymmetrically routed internet links. </p><p>B. Work with CDT's Remedy team to interface the SOC's RSA Archer solution with Remedy using standard web-API interfaces. </p><p>C. This may include configuration of automated incident generation using some templating process. </p><p>D. The interfaces may also require two-way messaging capabilities to be implemented and bugs/issues resolved. </p><p>Complete close-out of current version of SOC tools implementation. </p><p>A. Perform a technical audit of any cloud-based virtual systems and networks providing infrastructure for the security tools and users environments, and ensure they both meet security best-practices and integrate with all other CDT environments with as much logical isolation as possible. </p><p>B. Document architecture of all SOC tools, systems and environments, including both network diagrams and system diagrams. </p><p>C. Document maintenance and operations procedures for all SOC tools, systems and environments, including: installation procedures, configuration procedures, disaster recovery procedures, migration procedures, patching procedures. </p><p>D. Recommend and design a future-state architecture for both SOC environments (i.e., security tools and security users). </p><p>E. Install and implement an identity and access management solution for the security users environment, including an implementation of an Active Directory (AD) forest specifically for security tools and users. </p><p>F. Develop Splunk and RSA Archer content (via scripting and application resources) and assess/test as directed. </p><p>G. Implement other technical and/or administrative tasks as directed. </p> Two95 International Inc. Sacramento CA

SR Cloud Security Architect

Sacramento Municipal Utility District