Senior Security Architect

MindPoint Group delivers industry-leading cybersecurity solutions, services, and products. We are trusted cybersecurity advisors to key government and commercial decision-makers and support security operations for some of the most security-conscious organizations globally. 

Our relationship with you is for the long run because your success is our success. We invest in your success through fantastic benefits (healthcare, generous PTO, paid parental leave, and tuition reimbursement, to name a few). 

Beyond just excellent pay and benefits, you’ll want to work here for reasons that can’t be written into an offer letter—the challenge, growth opportunities, and most important: the culture of a company that cares about you. 

A position at MPG promises you 

• A diverse organization 
• A safe workplace with zero tolerance for discrimination or harassment of any kind  
• A balanced work life. Seriously.  
• A stable, established, and growing business
• A leadership team focused on your professional growth and development

This position is contingent upon contract award. MindPoint Group is seeking an experienced Enterprise Security Architect for our government client. The Enterprise Security Architect will focus on standardization, suitability, and integration of the existing security portfolio while looking to incorporate new and more dynamic solutions to make the client's environment more secure and user-friendly. As a Security Architect, you will be responsible for evaluating new solutions (IoT, APIs, etc.) and developing the supporting elements required to incorporate new technologies safely and securely. The candidate should be familiar with the following:

• Develop and maintain current and planned state architectural documents – domain roadmaps, standards, reference architecture, implementation documents
• Assess vendor capabilities, development, and test strategies
• Lead working groups and work collaboratively with other domain enterprise and solution architects to deliver a comprehensive technology roadmap and future state vision.
• Review solutions to be deployed in the cloud and on-premises environments
• Assess, design, implement, and document cybersecurity processes and solutions
• Perform cybersecurity modeling, analysis, and planning activities
• Analyze business requirements to develop technical solutions and their framework
• Respond to and, when appropriate resolve or escalate security incidents
• Review security logs, enterprise tools, and network traffic for unusual or suspicious activity
• Maintain in-depth knowledge of IT industry best practices, technologies, architectures, and emerging technologies.
• Communicate architectural decisions, plans, goals, and strategies
• Experience leading the alignment of on-going activities in support of critical Federal mandates such as Continuous Diagnostics and Monitoring (CDM), Executive Orders related to cybersecurity, and guidance from OMB and NIST
• Experience providing high-level design and architecture diagrams, technically validating solutions and connecting business, data, security, systems, and other technical and non-technical architectures
• Familiarity with open architecture and cybersecurity architecture principles that achieve cybersecurity framework goals
• Support with vendor/customer assessment and audit activities

• Top Secret clearance (SCI eligible) is strongly preferred but will consider exceptional candidates who are Public Trust eligible
• Certified Information Systems Security Professional (CISSP) and Certified Ethical Hacker (CEH) required
• At least 8 years of experience in network and endpoint security architecture
• Experience with security tools such as vulnerability management tools (Nessus, Retina), configuration management (Bigfix, SCCM, EPO), endpoint detection (antivirus, ATP), data loss prevention, and intrusion detection software and hardware
• Familiar with data analysis tools (Excel or PowerBI)
• Familiar with encryption technologies used in commercial operating systems, including Public Key Infrastructures, symmetric and asymmetric cryptography, certificate trust stores, and the use of key escrow for discovery and legal purposes
• Familiarity with the use of Transport Layer Security (TLS) to secure network communications, code signing certificates, and Certificate Authorities (CA) for the administration of encryption trust certificates.
• Familiar with multi-tiered network applications, common ports and protocols used in those communications, the Common Vulnerability System (CVS), and the exploitation mechanisms of common vulnerability types (e.g., buffer overflows, cross-site scripting, SQL injection).
• Ability to perform online research and comprehend attack signatures while comparing them to network traffic to perform proper analysis of detections.
• Ability to use common tools such as Wireshark to examine network traffic
• Familiarity with protocols commonly used in commercial networks, such as Server Message Block (SMB), Remote Procedure Calls (RPC), Hypertext Transfer Protocol (HTTP), and Structured Query Language (SQL).
• Ability to perform Splunk queries to examine and query log data from the Enterprise Logging as a Service system.
• Strong analytical and organizational skills.
• Concise writing skills, excellent MS Word skills as well as other MS Office Applications
• Experience leading meetings and other briefings to senior leaders
• Background in general security practices such as identity and access management (IAM), encryption, and multi-factor authentication, security information and event management (SIEM), and supporting technologies

Work Environment:

• While this position is fully remote, preference will be given to candidates who reside in the Washington, DC area. For candidates outside of the Washington, DC area, travel up to 10% to Washington, DC area will be required post COVID.

• All your information will be kept confidential according to EEO guidelines.
• Equal Opportunity Employer Veterans/Disabled