Security Architect

Our company's foundation is built on excellence, integrity, teamwork, and community. When you join the Summit team, you become an integral part of our company's mission. You are our competitive advantage

We believe in communication and information transparency. We provide employees with encouragement, professional development, and the opportunity to give back to the community. Come be a part of our enthusiastic and dynamic team

What sets us apart from the rest?

• A fun and friendly environment
• Birthday, Holiday, and Anniversary recognition
• Teamwork
• Open and honest communications
• Personal growth
• Work-life balance
• Engage in community service
• 7-time winner "Best Places to Work" in Virginia

Competitive Salary and Exceptional Benefits:

• 100% company paid Medical premiums for the employee and 50% for dependents
• 100% company paid Dental premiums for all dependents
• Matching 401k
• Employee education assistance program
• Voluntary benefits (i.e., Term life insurance, Auto insurance, Pet insurance, Financial services, etc.)
• Employee discounts (i.e., Travel, Health and Wellness, etc.)

We are looking for a Security Architect to join our team in Richmond, VA

Job Responsibilities/Duties:

• This individual works with business stakeholders communicating security solutions, implications to business value, and negotiating tradeoffs
• The Security Architect focuses on all efforts within IT and the business that require Information Security controls, including proof of concepts
• Support Security Test and Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results, and preparation of required reports
• This individual must stay abreast of the laws and regulations, partnering with the customer stakeholder to ensure all the related Information Security requirements support and provide the necessary controls these areas require
• Develops and validates architectural strategies and designs for migration to FedRAMP High cloud platforms (AWS, Azure, GCP, Oracle/OCI)
• Involves working with business stakeholders and IT, assessing effectiveness of current state security controls and analyzing gaps
• Leads in the evaluation of controls and how well people, process, and technology are providing the required level of controls and protections
• This individual supports the review of and provides guidance for Information Security products
• Security Architect defines, documents, and maintains security reference architectures and works with delivery teams to build and extend these solutions
• This role requires a deep knowledge Information Security domains, latest threats and countermeasures
• Provide Information Security assessments including required controls for all efforts, projects, and implementations for the organization
• Provide guidance and direction in the cloud security, infrastructure as a service, automation and minimum required capabilities, enforcing a principle of required services, and least privilege
• Recommend Information Security control tests that will provide validation that the appropriate controls are in place
• Assist in quantifiable risk analysis, including identifying and recommending appropriate levels of risk mitigation
• Secure API implementations, virtual and containerization security
• Secure coding practices, secure software development life cycle, continuous deployment, and continuous integration, secure code testing and code repository security and WAF experience
• Manage security product lifecycle, tech debt, risk, architectural planning, roadmaps, strategy, and modeling
• Leverage security management tools, continuous automation and monitoring, and risk management tools
• Potential for 2-3 days onsite

Job Qualifications:

• 8+ years of experience with Information Security Architecture
• CISSP, CISM, CISA, CRISC, SANS or equivalent certifications
• Experience in Security Architecture and Engineering, Security and Risk Management, Endpoint Security, Network Security, Identity and Access Management, Security Assessment and Testing, Security Operations, and Software Development Security
• Experience defining and socializing security reference models
• 5+ years’ experience with AWS, Oracle, etc., platforms
• Experience with product and cloud management, containerization security, Infrastructure as a service and automation components
• Experience with networking, cryptography, DNS, routing, PKI, certificate management, IDS, IPS, scanning and firewalls
• Experience with NIST 800-53, CSF, PII, PHI, PCI
• Bachelor’s Degree or equivalent experience
• Self-starter, able to work independently as well as with a team
• Ability to communicate and negotiate with Sr Leadership
• Excellent communication both written and verbal
• Strong technical background
• Critical thinking and problem-solving ability

EOE