Are you an experienced Cybersecurity Architect with CISSP certification looking to use your talents to make a difference?
At QTC, Cybersecurity Architects work in an innovative and self-governed environment. We create and apply new technologies in a team environment that is fun, creative and supportive. Best of all, the applications we create have a direct impact on the lives of our nation’s veterans!
Remote opportunities are available with a preference for candidates located near San Dimas, CA; San Antonio, TX; Nashville, TN; and Philadelphia, PA.
QTC is the nation’s largest provider of disability and occupational health examination services. We are PASSIONATE about our country’s veterans, UNITED as a team and INSPIRED to make a difference.
We offer meaningful and engaging careers to support you and your career goals, all while nurturing a healthy work-life balance, and we are proud to provide an employment package that attracts, develops and retains the best talent:
- Competitive compensation and quarterly bonuses
- Tuition reimbursement
- A 50% company match of your pre- and post-tax contributions up to 6% of your salary, including immediate vesting of company contributions
- Generous paid time off (minimum of 14 days/year), as well as 9 paid holidays
- Access to flexible benefits, including health and wellness programs, long- and short-term disability, an employee assistance program, employee referral bonuses, credit union access and flexible spending accounts
- An inclusive and ethical workplace
In this rewarding role, you will be responsible for planning, designing, creating, and maintaining the IT Security solutions and capabilities that enable the organization to identify, protect, detect, respond, and recover from cyber threats and vulnerabilities. You will define and develop security requirements using risk assessments, threat modeling, testing, and analysis of existing systems. You will evaluate the design and effectiveness of IT controls based upon industry best-practice models (e.g. NIST, SOX, COBIT, ITIL, FISMA, OMB, etc.) in accordance with compliance requirements to conform to standards and regulations.
Ideally you will have:
- Bachelor’s Degree in a related discipline w/ 5 to 9 years of relevant professional experience
- CISSP and/or CISM Certification
- Working knowledge in service-oriented architecture
- Industry recognized technology certification (e.g. MCSE, CCDP, CCIE, RHCA, etc.)
- Ability to successfully pass National Agency Check with Inquiries (NACI) background investigation
NOTE: This position has multiple levels; candidates will be “leveled in” based on years of experience at time of hire. The actual pay rate may vary depending on geographical work location.
Essential Duties and Responsibilities:
- Understanding business requirements for cyber security solutions and translating these into technology-based solutions using a number of suitable portfolio offerings.
- Providing advice on technical and operational security measures designed to help defend against cyber threats.
- Leading complex deployments of cyber security portfolio solutions.
- Authorship, ownership and peer approval of High Level Design (HLD) documentation.
- Ensuring technical sign-off of Low Level Design (LLD) and operational documentation.
- Act as mentor and provide support to colleagues across the Architecture and Engineering teams.
- Provide technical input for ongoing development of portfolio and to bids, solutions and RFP documents.
- Assists in the analysis and definition of security requirements
- Assists with certifications and accreditation reviews, security test and evaluations and drafting associated reports
- Coordinates compliance remediation activities and maintains an accurate list of open and closed compliance issues for the organization
- Coordinates all internal (e.g. Leidos internal audits) and external audit events (e.g. HIPAA, NIST, SOX, Authorization To Operate (ATO) with clients, etc.), including discovery, sample delivery, management response, and remediation activities for all audits
- Works with Leidos Security team to conduct, report, and remediate findings from Intrusion Detection and other vulnerability scans
- Develops mapping for controls to a Unified Control Framework
- Perform other duties and responsibilities as assigned
- Ability to understand weight and intent of compliance requirements to provide effective and meaningful analysis
- Must be a hands-on individual who is reliable, self-motivated, and has a can-do attitude
- Experience managing and maintaining compliance within large organizations and distributed environments
- Ability to identify technical and process design gaps and recommend appropriate remediation
- Ability to prepare compliance reports and associated metrics
- Ability to work with customer audit teams to fill information requests
- Excellent negotiation and executive-level presentation skills
- Ability to multi-task and work effectively/efficiently with little direct supervision
- Excellent writing, editing, and documentation and evidence management skills
- Some travel will be required
- Must be legally eligible to work in the United States
Education and/or Experience: (includes certificate & licenses)
- Bachelor’s degree from an accredited college in a technology-related discipline (e.g. Computer Science, Engineering, Information Systems, etc.) or equivalent experience/combined education
- 5 to 9 years working in compliance, information security, or internal audit covering one or more of the following: HIPAA, NIST 800-53, and Sarbanes-Oxley
- Required CISSP or CISM
- Working experience with HIPAA and one or more of the following standards and regulations: NIST 800-53, SOX, PCI
- Experience with using security tools such as Nessus, NMAP, Rapid7, and Qualys
- Must be able to successfully pass National Agency Check with Inquiries (NACI) background investigation
This job description supersedes all prior job descriptions and is intended to describe the general content and essential requirements for the position listed above. It is not to be construed as an exhaustive statement of requirements, duties and responsibilities. Management reserves the right to add or change the duties of this position as required at any time.
QTC Management Inc. is a VEVRAA Federal contractor and an Equal Opportunity Employer. The company has an ongoing commitment to affirmative action and the creation of a workplace free of discrimination, harassment and retaliation. The company recruits, hires, trains, and promotes individuals in all job titles without regard to race, color, creed, religion, ancestry, national origin, age, sex, pregnancy, sexual orientation, gender identity, genetic information, people with disabilities protected under law, and protected veteran status.
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
In order to enter Leidos facilities in the U.S. and to attend Leidos events outside our facilities, employees are required to be vaccinated for COVID-19 or maintain proof of a negative COVID-19 test within 96 hours of entry. In addition, we are receiving guidance from certain customers that onsite contractor personnel will need to be fully vaccinated to access customer facilities. If you are not vaccinated, please consider getting your COVID-19 vaccination as soon as possible. If you have any questions, please contact your Talent Acquisition POC.
Leidos is a Fortune 500® technology, engineering, and science solutions and services leader working to solve the world’s toughest challenges in the defense, intelligence, civil, and health markets. The company’s 44,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $13.7 billion for the fiscal year ended December 31, 2021. For more information, visit www.Leidos.com.
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.
Securing Your Data
Beware of fake employment opportunities using Leidos’ name. Leidos will never ask you to provide payment-related information during any part of the employment application process (i.e., ask you for money), nor will Leidos ever advance money as part of the hiring process (i.e., send you a check or money order before doing any work). Further, Leidos will only communicate with you through emails that are generated by the Leidos.com automated system – never from free commercial services (e.g., Gmail, Yahoo, Hotmail) or via WhatsApp, Telegram, etc. If you received an email purporting to be from Leidos that asks for payment-related information or any other personal information (e.g., about you or your previous employer), and you are concerned about its legitimacy, please make us aware immediately by emailing us at [email protected].
If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission.
Commitment to Diversity
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.