Item Response Is this SO for a new position? Yes Is an onsite interview a must or is the hiring manager open to screening over a Skype (or other) video call for out of state candidates? No How many interview rounds will be conducted for the position? 2 Is there a chance of extension in the duration of the assignment, beyond the budget/duration included in the SO? Yes Will the position require the candidate to be onsite completely or there is a possibility of working remotely (partially/completely)? No Can a vendor suggest a different Resource Title based on the position and budget assigned to that position, if the position requires a niche skill? No Philadelphia, PA 19107 Duration : 12 months Onsite role The resource(s) covered under this SO will support the Project This is a staff augmentation role with the Office of Innovation and Technologies Information Security Team that will focus on designing, implementing, and maintaining robust security solutions for our customer’s environment. On-site work will take place at City of Philadelphia offices. Position overview / Statement of Work The ideal candidate will be a subject matter expert in information security, capable of designing, implementing, and maintaining robust security solutions for our customer’s environment. This role requires a deep understanding of cloud security, particularly in Azure and AWS environments, as well as experience leading security initiatives in large enterprise organizations. Work activities: + Develop/integrate cybersecurity designs for systems and networks with multilevel security requirements + Employ secure configuration management processes + Ensure that acquired or developed system(s) and architecture(s) are consistent with organization's cybersecurity architecture guidelines. + Perform security reviews, identify gaps in security architecture, and develop a security risk management plan. + Develop and maintain the organization's security roadmap + Design and implement security architectures for Azure and AWS environments + Conduct regular security assessments of cloud infrastructure + Develop and maintain cloud security policies and procedures + Implement and manage cloud-native security tools and services + Lead incident response efforts for high-priority security events + Develop and maintain security monitoring and alerting systems + Implement and manage SIEM (Security Information and Event Management) solutions + Perform risk assessments and develop mitigation strategies + Ensure compliance with relevant industry standards and regulations + Work with development teams to implement secure coding practices + Proficiency in scripting and automation (e.g., Python, PowerShell, Bash) + Perform security code reviews and application penetration testing + Collaborate with executive leadership to align security initiatives with business objectives + Manage security projects and allocate resources effectively Required + Bachelor's degree in Computer Science, Information Security, or a related field + 8+ years of experience in information security roles + Extensive experience with cloud security, particularly in Azure and AWS environments + Strong knowledge of security frameworks and best practices (e.g., NIST, ISO 27001, CIS Controls) + Excellent understanding of network protocols and security technologies + Experience with security tools such as SIEM, EDR, IDS/IPS, and vulnerability scanners + Strong analytical and problem-solving skills + Excellent communication skills, both written and verbal Ability to work effectively in a fast-paced, dynamic environment Highly Desired/Preferred + 8+ years of experience in information security roles + Extensive experience with cloud security, particularly in Azure and AWS environments + Strong knowledge of security frameworks and best practices (e.g., NIST, ISO 27001, CIS Controls) + Proficiency in scripting and automation (e.g., Python, PowerShell, Bash) + Excellent understanding of network protocols and security technologies + Experience with security tools such as SIEM, EDR, IDS/IPS, and vulnerability scanners + Strong analytical and problem-solving skills + Excellent communication skills, both written and verbal + Ability to work effectively in a fast-paced, dynamic environment