Leidos currently has an opening for a Sr. Software System Architect to work onsite from our Austin Data Center. (No relocation assistance available). This is an exciting opportunity to use your experience helping the IOSS mission. The mission of the Department of Veterans Affairs (VA), Office of Information & Technology (OI&T), Information Technology (IT) Operations and Services (ITOPS), Infrastructure Operations (IO) is to support One VA world-class service to Veterans and their families by delivering results-oriented, secure, highly available, and cost-effective information technology services. IO support helps to provide critical services focusing on consistent availability of Veteran-facing applications and quick delivery of benefits for Veterans
The Software Architect will perform support services within the ITOPS IO Security Management Division. This division is charged with establishing a centralized security program to address security with ITOPS IO's
projects. Some security tasks are currently accomplished utilizing various tools, technologies, and processes that are not standardized across ITOPS (i.e. AITC, HITC, PITC, QITC, CITC, Regional Data Centers, Business Partner Extensions, External Cloud environments). Not all IT security functions are currently managed under a standardized set of processes and technologies or in a centralized format. In some cases, more than one process exists for a single function, i.e. access requests. In other cases, while a process or security system exists, its use is not commonplace at all applicable sites.
Technical Security Support
The data center environment requires additional coverage to manage the security tools and the growing technical security responsibilities across ITOPS IO in order to secure Veterans' data and important VA systems 24x7x365. The ITOPS IO approved Security Monitoring product support process is to deploy a three-shift Technical Security Section for 24x7x365. The Contractor shall provide 24x7x365 support services coverage. The Technical Security support is to be centralized at AITC with tools implemented across ITOPS.
1st Shift - Keep security tools tuned and coordinated with the necessary security posture within ITOPS, and any other locations identified. The support services required include analyzing current security tools and datacenter environments to ensure all security environments needing attention get the attention required per policy and customization needed with the different applications or datacenter solutions. Support 1st shift team shall also handle critical/important day-to-day Change Order management and ITOPS IO project involvement. 1st shift team shall also handle current and future security tool architecture design.
The ITOPS IO Technical Security group relies on advanced tuning of existing IT security products to detect, protect and forward critical security alerts to the ITOPS IO Security Monitoring group, Nation Service Desk (NSD), Information Security Officers (ISOs) and the VA National Security Operations Center (NSOC) on alerts related to VA compliance policy violations, Advanced Persistent Threats (APT's). Forensics and any other IT Security related issues that need 24x7x365 support.
The ITOPS IO security network will be interconnected among the different data centers (i.e. AITC, HITC, PITC, QITC, CITC, Regional Data Centers, Business Partner Extensions, External Cloud environments) in a separate private security network. Each data center's security network will be separated by a firewall to only allow other data center security network connectivity using VA's existing network. This allows for the separation of environments to keep event log data as required by policy to where only designated INFOSEC personnel have access into this security network from the various ITOPS IO network locations. This ITOPS IO Information Technology Center (ITC) security network will also provide the redundancy needed for security network and security tool availability. ITOPS IO security tool standardization will be implemented along with the technical security processes that are in place at AITC. The redundancy for each ITC will include Intrusion Protection Systems / Intrusion Detection Systems (IPS/IDS), vulnerability and compliance assessment tools, Security Information and Event Management (SIEM), Web Application Firewall (WAF), dedicated malware protection architecture, Network Access Control (NAC), virtualization security, and the core infrastructure for the security network along with ITC technical security personnel to overlap and provide the 24x7x365 support needed.
Incident response procedures and processes at all datacenters are to be unified to complement the security incident response process that the rest of VA uses, including integrating with the NSOC and Field Security. Incident tracking is performed using the NSD and Remedy.
The centralization of security tools, processes and incident handling provides the in-depth security posture and metric information needed for the datacenter environments. Standardizing on these tools may require additional training for other security staff at the sites.
In support of these Technical Security efforts the following tasks are performed daily:
- Assessments and compliance activities using central managed vulnerability scan engines to perform operating systems, network devices, databases and applications assessments.
- Collection and analysis of all operating systems logs, network device logs, network flows, intrusion prevention and intrusion detection, vulnerability assessment, network firewall, web application firewall and virtual environment logs and provide centralized correlation, alerting, log archiving, asset discovery and behavior analysis configuration using an IBM QRadar Security Information and Event Manager (SIEM) or equivalent.
- Real-time network and system protection, detection and log analysis using Sourcefire Intrusion Prevention System/Intrusion Detection System (IPS/IDS) or equivalent sensors centrally managed with Sourcefire Defense Center console or equivalent providing network awareness and vulnerability intelligence.
- Web application vulnerability assessments and reporting using web application assessment software, which also provides web application security intelligence to the Web Application Firewall solution.
- Real-time web application protection against SQL injection attacks, malicious bots, zero-day attacks, data loss and defacement protection and any other Web Application attacks that exist including Payment Card Industry Data Security Standard (PCI DSS) compliance using Web Application Firewall technology. PCI compliance and reporting is performed by VA.
- End user device threat containment and access control to ensure VA security policies and restrictions in the Information Technology Center network using Network Access Control technology are adhered.
- Network and system malware protection, detection and log analysis using Malware Protection System.
- Conduct status briefings and resolve issues in support of senior managers and VA leadership upon request from COR/VA PMs.
- Review and maintain Standard Operating Procedures for the Intrusion Prevention Systems Intrusion Detection Systems (IPS/IDS), Security Information and Event Manager (SIEM), Vulnerability assessments using Tenable Security Center or equivalent, Incident Response, Web Application Firewall (WAF), VMware or equivalent, Network Admission Control Systems (NAC), Malware Protection System (MPS) and any other ITOPS IO Technical Security activities and processes that may need SOP's reviewed and maintained.
- Netflow Analysis- day to day duties include monitoring network and application response using monitoring tools
- Application Delivery Analysis (ADA) - day to day duties include configuring ADA to analyze network traffic as it relates to VA applications hosted at VA data centers.
- Multiport monitor configuration and deployment to collect and analyze network traffic which is passed to ADA for storage and presentation
- Tap the network traffic and provide data packet flows to each monitoring tool set for Network teams, Security Teams and Monitoring teams. Current tools include Netshark, Forescout, RScope, PVS, ADA/MTP. Each toolset requires different filtering applied so the tools can diagnose performance and detect abnormal or suspect traffic.
- Provide diagnostic support during High and Critical priority calls as well as project engineer calls to isolate root cause of performance issues
- Assist with Spectrum monitoring tool to discover and manage device deployments (servers and network components) at VA Datacenters, primarily AITC, PITC, CRRC, HITC and regional Data Centers at Sacramento, St. Louis, Denver, Orlando, Little Rock, and New Jersey
- The Senior Software/System Architect must have extensive experience in the coordination of program and project leaders to identify requirements for system architecture.
- Able to identify strategies for addressing requirements.
- Extensive experience with analysis of requirements against fiscal, schedule, and performance issues.
- Experience in taking program requirements and is able to create an architecture vision having experience in high volume and high availability networks and systems.
- Creating and conveying to team members the architectural vision for a program or project. Is responsible for dictating design choices to software developers, including but not limited to: platforms, coding and technical levels. Experience in establishing and enforcing standards and practices. Overseeing the development team, he manages the full life cycle of the software development process. Has extensive software development experience and thorough knowledge of a variety of programming languages and logic.
- Mus be a US Citizen
- Ability to obtain Public Trust Clearance
- Master's Degree in computer science, electronics engineering or other engineering or technical discipline is required plus 10 years of experience. 10 additional years of relevant experience may be substituted for education.