Cybersecurity Architect - SaaS

Responsibilities

COMPANY DESCRIPTION

Noblis is a dynamic science, technology, and strategy organization dedicated to creating forward-thinking technical and advisory solutions in the public interest. We bring the best of scientific thought, management, and engineering expertise together in an environment of independence and objectivity to deliver enduring impact on federal missions.

Noblis is hiring an experienced Cybersecurity Architect to support the Software-as-Service (SaaS) Governance program for a Federal Government client. As part of the Noblis Federal Civilian Services team, you will be working with the agency’s cybersecurity governance team to deliver innovative and effective cybersecurity solutions and recommendations, and drive IT transformation in support of and in collaboration with multiple business component partners.

JOB DESCRIPTION

We are looking for a skilled SaaS Security Architect to support our client’s Software as a Service (SaaS) Governance program.  This role is focused on helping the agency accelerate the secure use of SaaS through the implementation of a continuous monitoring strategy for SaaS applications agency-wide, including the deployment of SaaS Security Posture Management (SSPM) tools to actively monitor SaaS configurations for security risk.  Specifically in this role you will support the deployment of the agency SSPM tool (currently AppOmni), including development of application-specific policy baselines. You will work with business and operations teams to promote effective use of the tool agency-wide and create associated documentation and processes.  You will lead and drive all aspects of SaaS continuous monitoring including integration of SaaS applications with existing identity management systems and security operations process.  You will develop strategies to streamline, automate, and scale the process of onboarding SaaS applications into the continuous monitoring framework. You will work with agency cybersecurity leadership to develop and enhance policies and guidelines related to SaaS monitoring and secure use, and maintain and enhance the strategy and documentation related to SaaS continuous monitoring. This includes the evaluation and testing of new monitoring tools. You will also help maintain and enhance the overall SaaS governance framework. 

Responsibilities

• Lead the agency deployment of SSPM tool(s) to enable risk visibility and mitigation across deployed SaaS applications agency-wide, with a focus on automating and scaling SaaS application onboarding.
• Maintain and enhance the agency SaaS continuous monitoring strategy and all associated documentation.  Represent the strategy to all client stakeholders.
• Collaborate with the broader SaaS Governance team to share SaaS monitoring insights and provide recommendations on SaaS policies and procedures.
• Recommend and provide guidance to SaaS operations teams business owners related to SaaS application security monitoring.
• Develop enterprise-wide standards for monitoring the cyber risk posture of deployed SaaS applications.
• Provide recommendations to the CISO and other security leadership to improve SaaS governance and reduce risk in SaaS usage.
• Evaluate tools and technologies to improve and automate SaaS security monitoring.
• Support and lead evolving business development efforts through the application of technical/functional expertise to develop sound business solutions.
• Identify and influence future work beyond current project, consistent with the account strategy or corporate objectives

Client Engagement

• Build a productive relationship with the client and understand their structure and goals
• Contribute specialized domain or technical content to proposal sections or client white papers
• Learn about the Noblis business development lifecycle, processes, tools, and account structure

Required Qualifications

• Bachelor's degree preferably in cybersecurity, computer science, or a technology related field
• 9+ years of work experience in cybersecurity or related IT roles
• Experience reviewing IT security and compliance documentation from a risk perspective.
• Experience with security monitoring tools, ideally SSPM tools such as AppOmni or similar, and associated configuration baselines
• Expertise with NIST SP 800-53 controls and the NIST risk management framework
• Understanding of SaaS applications and their security considerations
• Strong working knowledge of application security concepts and approaches
• Strong analytical and writing skills
• Excellent teamwork, organizational, communication, and collaboration skills
• This is primarily a remote role but there will be expectations to go to our Woodlawn MD site on a quarterly basis as needed by the customer. Must be willing to go to the site.

Desired Qualifications

• At least five (5) years of experience with IT Security frameworks (FedRAMP, NIST, etc.).
• Application security or development experience.
• CISSP, CCSP, CISA, CISM or similar certification.
• Experience with cloud environments, particularly AWS, encompassing architecture, services, security, and governance.
• Prior federal government IT consulting experience.

Overview

Noblis and our wholly owned subsidiaries, Noblis ESI, and Noblis MSD tackle the nation's toughest problems and apply advanced solutions to our clients' most critical missions. We bring the best of scientific thought, management, and engineering expertise together in an environment of independence and objectivity to deliver enduring impact on federal missions. Noblis works with a wide range of government clients in the defense, intelligence and federal civil sectors. Learn more at Noblis -About Us

Why work at a Noblis company?

Our employees find greater meaning in their work and balance the other things in life that matter to them. Our people are our greatest asset. They are exceptionally skilled, knowledgeable, team-oriented, and mission-driven individuals who want to do work that matters and benefits the public. Noblis has won numerous workplace awards. Noblis maintains a drug-free workplace.

*Remote/hybrid status is subject to change based on Noblis and/or government requirements

Commitment to Non-Discrimination

All qualified applicants will receive consideration for employment without regard to race, color, ethnicity, sex, age, national origin, religion, physical or mental disability, pregnancy/childbirth and related medical conditions, veteran or military status, or any other characteristics protected by applicable federal, state, or local law.

If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact us.

EEO is the Law  |  E-Verify  |  Right to Work

Total Rewards

At Noblis we recognize and reward your contributions, provide you with growth opportunities, and support your total well-being. Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, and work-life programs. Our award programs acknowledge employees for exceptional performance and superior demonstration of our service standards. Full-time and part-time employees working at least 20 hours a week on a regular basis are eligible to participate in our benefit programs. Other offerings may be provided for employees not within this category. We encourage you to learn more about our total benefits by visiting the Benefits page on our Careers site.

Compensation at Noblis is determined by various factors, including but not limited to, the combination of education, certifications, knowledge, skills, competencies, and experience, internal and external equity, location, clearance level, as well as contract-specific affordability, organizational requirements and applicable employment laws. The projected compensation range for this position is based on full time status. For part time or on-call staff, compensation is proportionately adjusted based on hours worked. While monetary compensation is important, it's just one component of Noblis’ total compensation package.

Posted Salary Range