VITA - IT Security Architect 4 - Calsoft Labs

Short Description:
Security Architect IV to create System Security Plans for suppliers.
MAX VENDOR RATE: ***
ON SITE REQUIRED: 4 days /week until training is completed Then there is some flexibility
Parking is available on site for contractors

Complete Description:
ON SITE REQUIRED: 4 days/week required until training is completed. Then there is some flexibility.

Manager wants to clarify: There is no specification (or timeline), but I would say several weeks if not months for the 4 days/week on site. On Site requirement changes once the mgr is comfortable/they believe the contractor is ready.


Please set this expectation with any potential candidates and make sure they can commit to this arrangement or do not submit them! Tks!

Parking is available on site for contractors


ABOUT THE ROLE

Security Architect IV to create System Security Plans for suppliers. The role involves conducting interviews with business units, analyzing responses to security controls, and ensuring compliance with COV SEC530 (NIST 800-53).

We are seeking a highly skilled and experienced Security Architect IV contractor to develop and write System Security Plans (SSPs) for various suppliers and enterprise applications. This critical role requires a deep understanding of security controls, risk management, and compliance requirements.
Key Responsibilities:
- Collaborate with business units to gather and analyze information for the creation of comprehensive System Security Plans (SSPs).
- Conduct interviews with key stakeholders to understand system components, operations, and security needs.
- Evaluate responses to security control questions and identify any gaps or areas requiring remediation.
- Ensure all systems meet the security and compliance requirements of COV SEC530, based on NIST 800-53 standards.
- Develop detailed documentation outlining security measures, risk assessments, and system vulnerabilities.
- Provide guidance on risk mitigation strategies and recommend security improvements.
- Assist in ensuring that enterprise applications and supplier systems comply with industry standards and regulatory requirements.
Qualifications:
- Proven experience in writing System Security Plans and conducting security assessments.
- In-depth knowledge of NIST 800-53, COV SEC530, and other relevant security frameworks.
- Strong understanding of risk management, security controls, and compliance processes.
- Excellent communication skills, with the ability to collaborate with cross-functional teams and business units.
- Ability to work independently and manage multiple projects simultaneously.
This is a contractor position offering an opportunity to contribute to the security and compliance efforts of the organization, ensuring the protection of sensitive data and infrastructure.

Required / Desired Skills and Amount of Experience:
Solid Sr level IT Security Experience Required 7 Years
Security Architecture Design & Implementation. Exp writing System Security Plans and conducting security assessments Required 5 Years
Compliance & Regulatory Knowledge. In-depth knowledge of NIST 800-53 and other relevant security frameworks to ensure compliance with COV SEC530 Required 4 Years
Collaboration & Cross-Functional Coordination Required 2 Years
Questions:
Question 1 Commonwealth of Virginia security policies prohibit the use of offshore IT contractors. Do you attest to the fact that your candidate will physically reside within the US for the duration of the assignment?
Question 2 Please list candidate's email address.
Question 3 In what city and state does your candidate currently reside? If you put Richmond and the candidates phn# and locations on resume do not reflect this then PLEASE upload either a recent (local) utility bill or driver's license with their name and local RVA address to confirm this. Do this AT TIME OF SUBMIITAL as I may not have time to revisit their submittal on the day resumes are due to the mgr.
Question 4 If selected, the role requires that the contractor be ON SITE 4 days/week until internal training is completed (then there is some flexibility). Does your candidate agree to this arrangement?