Job Family:
Cyber Consulting (Digital)
Travel Required:
Clearance Required:
Provide support to clients related to formalizing existing security engineering processes for the design, development, deployment, maintenance, and decommissioning of cybersecurity capabilities. Provide technical expertise and assist with establishing and implementing a formal Security Engineering function, including standard operating procedures and processes that govern all phases of the security engineering lifecycle.
What You Will Do:The following duties and responsibilities include performing hands-on administration of:
technologies, logically designing security solutions, and authoring engineering documentation (including project plans, requirements, risks, schedules, and other documents required as part of a formal Project Management process). Specific responsibilities shall include, but are not limited to the following:
Author / amend the Board’s Security Engineering program document to serve as the the primary tool for designing the ideal Security Engineering program for Information Security Branch.
Support the implementation of a formal Security Engineering program with a variety of product types (e.g., project plans, system designs, network diagrams, formal requirements, test cases, user stories, use cases, and standard operating procedures).
Document the Board’s network in the form of a network architecture/diagram.
Support the design and implementation of a robust security infrastructure that protects board data and systems from internal and external threats.
Support the maintenance and management of Board security toolsets. This might include: tasks such as upgrading software, applying patches, and configuring settings to ensure the the toolset is operating effectively and efficiently.
Research new security capabilities and recommend solutions that can be employed within the Board’s infrastructure. This could involve identifying new technologies that could help improve the Board’s security posture and making recommendations for their implementation.
Support the Board’s implementation of a Zero Trust architecture. This might include enhancing identity and access management controls, improving network segmentation, and ensuring sufficient logging and visibility across Board assets.
Support the Board’s evaluation of the current technology stack and propose opportunities for improvement (e.g., use current technology better, consolidate technology).
What You Will Need:US Citizenship
Minimum of 4 years of experience
Experience designing and implementing secure networks and systems in either local (on-premises) or cloud computing solutions. This includes creating secure designs and integrating security appliances and technology into local, cloud, and/or hybrid networks.
Deep understanding of security technologies, including firewalls, intrusion detection and prevention systems, identity and access management solutions, and encryption protocols.
Familiarity with relevant industry standards and regulations, as well as with software development standards and practices such as the Systems Development Lifecycle, project and program management principles, and Agile development methodologies. This includes, but is not limited to, the Project Management Institute’s Project Management Body of Knowledge (PMBOK) standards, the National Institute of Standards and Technology’s (NIST) Special Publication 800-160 Vol. 2 Rev. 1 “Developing Cyber-Resilient Systems: A Systems Security Engineering Approach,” and NIST’s Cybersecurity Framework 2.0.
Experience implementing Zero Trust Architecture.
Experience building dashboards, detection techniques, and other cybersecurity approaches to monitor and defend assets from both external and internal threats.
Strong writing skills and communication, including experience authoring security engineering program documents.
Build dashboards, detection techniques, and other cybersecurity approaches to monitor and defend the Board’s assets from both external and internal threats.
Evaluate security engineering plans and document recommendations. This could include providing advisory services to designs proposed by others or amend designs to include and/or enhance security defenses.
Attend meetings as required, take meeting notes/minutes, and capture action items on behalf of the Cybersecurity Operations Unit and provide that information back to the team.
What Would Be Nice To Have:Degree in Cybersecurity
Highly desired experience includes the following: Amazon Web Services (AWS), Microsoft Azure, Google Cloud, and Data Centers.
Highly desired experience includes the following: AWS security technologies, Microsoft Azure security technologies, Google Cloud, Cisco networking appliances, F5, Bluecoat, Palo Alto, VMware, CrowdStrike, Tenable, FireEye, Gigamon, Splunk, and other common enterprise security technology providers
What We Offer:
Guidehouse offers a comprehensive, total rewards package that includes competitive compensation and a flexible benefits package that reflects our commitment to creating a diverse and supportive workplace.
Benefits include:
Medical, Rx, Dental & Vision Insurance
Personal and Family Sick Time & Company Paid Holidays
Parental Leave
401(k) Retirement Plan
Group Term Life and Travel Assistance
Voluntary Life and AD&D Insurance
Health Savings Account, Health Care & Dependent Care Flexible Spending Accounts
Transit and Parking Commuter Benefits
Short-Term & Long-Term Disability
Tuition Reimbursement, Personal Development, Certifications & Learning Opportunities
Employee Referral Program
Corporate Sponsored Events & Community Outreach
Care.com annual membership
Employee Assistance Program
Supplemental Benefits via Corestream (Critical Care, Hospital Indemnity, Accident Insurance, Legal Assistance and ID theft protection, etc.)
Position may be eligible for a discretionary variable incentive bonus
About Guidehouse
Guidehouse is an Equal Employment Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, national origin, ancestry, citizenship status, military status, protected veteran status, religion, creed, physical or mental disability, medical condition, marital status, sex, sexual orientation, gender, gender identity or expression, age, genetic information, or any other basis protected by law, ordinance, or regulation.
Guidehouse will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of applicable law or ordinance including the Fair Chance Ordinance of Los Angeles and San Francisco.
If you have visited our website for information about employment opportunities, or to apply for a position, and you require an accommodation, please contact Guidehouse Recruiting at 1-571-633-1711 or via email at RecruitingAccommodation@guidehouse.com. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodation.
Guidehouse does not accept unsolicited resumes through or from search firms or staffing agencies. All unsolicited resumes will be considered the property of Guidehouse and Guidehouse will not be obligated to pay a placement fee.