Master Security Architect

This is a fully remote position, open to applicants in Maryland.

📋 Description

• Collaborating with engineering teams at Hitachi Vantara and clients to ensure that products comply with US Government security standards.

• Assessing the security posture and compliance of security solutions based on both internal and external criteria, and conducting gap analyses.

• Strengthening Hitachi Vantara's product and service offerings.

• Aiding in the achievement and maintenance of Authorizations to Operate (ATOs) for both traditional and FedRamp-compliant solutions.

• Drafting, reviewing, and updating System Security Plans (SSPs), Contingency Plans, and Plans of Action and Milestones (POA&Ms).

• Offering security guidance and establishing requirements for Hitachi Vantara’s internal systems, customer-facing services, and product lines.

• Detecting security design deficiencies in current and proposed product and service architectures and suggesting modifications or enhancements.

⛳️ Requirements

• At least 8 years of experience in security architecture and/or engineering.

• Advanced technical skills in various platforms and systems, including Linux, Windows, VMWare, and SQL.

• Knowledgeable about industry and government security standards and baselines such as DISA STIGs, CIS benchmarks, NIST 800-53, NIST Risk Management Framework, FIPS 140-2/3, NIST Cybersecurity Framework, and NIST 800-171.

• Familiarity with the FedRamp approval process and securing solutions in both public and private cloud environments (AWS, Azure, GCP).

• Comprehensive understanding of application security patterns, including web application security (OWASP top 10, XSS, injection vulnerabilities, CSRF, platform security hardening) and mobile security strategies (device fingerprinting, mobile authentication, and key exchange).

• Familiarity with IAM federated identity strategies, including SAML, OAuth, and OIDC protocols.

• Strong/expert-level understanding of trends in information security policy, auditing, compliance, and risk management.

• Desired certifications: CISSP, CSA, Security+.

🏝️ Benefits

• Health insurance.

• Flexible work arrangements.

• Paid time off.

• Opportunities for professional development.