Information Systems Architect - Hybrid at Viva USA Inc.
COLUMBIA, SC
About the Job
Title: Information Systems Architect - Hybrid
Mandatory skills:
Security, Vulnerability, Vulnerability Scanning, Penetration Testing, Pen testing, Firewall, DLP, Data loss Protection, Events, Alerts, log, Forensic, Data Security, ISO, HiTrust, PCI, HIPAA, Application Security, Threats, attacks, Cryptography, Security Planning, Strategy, SAST, DAST, Metasploit, NIST, SDLC, system security, application security, Endpoint protection, network security, authentication, security protocols, cryptography, security assessment, security controls, firewalls, log management, content filtering, intrusion detection systems, anti-virus software, COBIT, NIST, FISMA, SOX, Privacy Act, HIPAA, HITECH, ISO 27001, Privacy, IT risk management, IT, cyber security strategy, Governance, risk, and compliance, GRC, Information Security Incident Management Plan, IT security architecture, Mobile device management, BYOD, MDM, Identity management & access Management, IAM, IDM, PIM, Computer Emergency Response Team, CERT, Computer Security Incident Response Team, CSIRT, Privacy, encryption, Security log management/correlation, SIEM, Security Operations Center, SOC Management, Penetration testing and vulnerability identification, Forensics, Lean, Six Sigma, application Migration, platform migration, upgrade, project delivery, Agile, Scrum, Delivery, Deliverables, initiation, planning, monitoring, execution, delivery, large, medium, scope, budget, Cyber Security, Stakeholders, Portfolio Manager, Project Management Office, PMO, Change Control, Change Management, application development, infrastructure, NIST, NIST Controls, NIST 800, System Security Plan, (SSP), Plan of Action & Milestone, (POA&M), process, implementation strategy, System Security, DFAR, IATT, ATO, System architecture, risk, mitigation, remediation,
SIEM, Active Directory, AD, DNS, DHCP, GPO, PKI, Qualys, NESSUS, Nitroview, FireEye, Wireshark, ArcSight, Splunk, Firewall, GRC, RMF, TCP, UDP, SSH, SSL, LogRhythm, Metasploit, ITIL, Checkpoint, PMP, Clarity, PPM, Planview, HP PPM, MS Project, MS Office, TCP/IP,
Information Security, Cybersecurity, server infrastructure,
technical requirements, Microsoft Purview, enterprise GRC tool, PowerShell scripting,
data protection, encryption, access control, M365 suite, risk assessments, threat modeling,
Network Security Cybersecurity, Safeguard Computer Security Evaluation Matrix, SCSEM, IRS Safeguard, NIST Security,
records management, Purview Information Protection, data compliance tools, Purview Compliance, Purview Secure,
Microsoft Purview Data Loss Prevention, Insider Risk Management, Information Protection, Data Lifecycle Management, Audit, Data security, Data Governance,
End User adoption, manual labelling, automatic labelling,
Microsoft certifications
Description:
SCOPE OF THE PROJECT:
Seeking a highly motivated individual to work as serve as the subject matter expert and primary technical lead of the, the primary technical lead and administrator of the Microsoft Purview environment. The person in this role will manage and administer the compliance (purview) portal in M365 and collaborate with analysts, architects, managers, and others across different departments including records management, security, collaboration, and IT.
The ideal candidate will have the following skills to be successful in this position:
Three (3) or more years developing compliance solutions using Microsoft 365 apps and services, primarily Purview Information Protection. A deep understanding of the Microsoft 365 (M365) Purview compliance architecture and administration, and data compliance tools implementation.
Sound understanding of Microsoft Purview Data Loss Prevention, Insider Risk Management, Information Protection, Data Lifecycle Management, Audit, Compliance Manager, Data security, Data Governance, and Risk and Compliance.
Experience in defining and implementing retention policies and retention labels in Microsoft Purview and developing learning materials and procedures for the user and support audience.
The ability to manage the full life cycle of eDiscovery and content search requests
Experience with Data Governance in relation to Microsoft Purview.
Experience driving End User adoption leveraging Microsoft 365 services.
The ability to design and build data classification strategies utilizing sensitive information types, manual and automatic labelling across M365 and other endpoints
An understanding of all components that comprise the Purview Secure Score and Purview Compliance Score
Troubleshooting an environment with multiple layers of applicable security policies across M365, Azure, and other technologies
Pro-actively learning new ways to solve technical challenges and monitor M365 roadmap changes
The ability to manage multiple tasks and competing priorities in a busy work environment.
Document procedures, and processes for a secure infrastructure
Nice to have skills:
PowerShell scripting
Microsoft certifications
Mentoring and training junior team members
Under general supervision, the contractor will serve as an engineer reporting directly to a functional manager. Contractor will be a team member that ensures the stability and integrity of data, and server services through monitoring, maintenance, support, and optimization of all server infrastructure. This individual has 24/7 on-call responsibilities shared with the group.
DAILY DUTIES / RESPONSIBILITIES:
Non-Technical
Effectively interact and communicate with peer to Director-level IT professionals.
Provide feedback to team regarding product issues, enhancements and new features.
Must have initiative, drive and be a self-starter.
Ability to ask pertinent questions of others.
Proactively seek to identify, communicate and implement process related improvements.
Effectively manage multiple tasks and activities concurrently and able to provide periodic status updates to key stakeholders
Collaborate extensively with peers and management to resolve client issues while actively contributing to a growing knowledge network that improves the effectiveness of our team and the information available to our stakeholders.
Prioritize numerous issues of varying severity, and effectively manage the resolution of all issues within accepted service levels. This includes ownership of the data entered into the Helpdesk system and appropriately updating both stakeholder and appropriate employees of status of all issues on a timely basis.
Good customer skills, be attentive to detail, and responsive to customer tickets.
Comfortable working across teams with various stakeholders and internal customers to collaboration and drive the adoption of security tooling that support improvements to the organizational security posture.
Able to translate leadership objectives into technical requirements and communicate those cross-functional teams.
Technical
Develop workaround solutions as appropriate.
Perform equipment and software upgrades
Maintain familiarity with current computer and network products
Adhere to corporate information security guidelines and promote information security among coworkers
Strong understanding of security protocols, cryptography, authentication, authorization, network fundamentals and cloud security.
Performs other duties and special projects as assigned.
Design, implement, and maintain the organization's MS Purview and M365. Provide an architectural framework for information system development, maintenance, and enhancement efforts.
Architect and implement GRC tools and process workflows.
Guide risk & compliance activities to include assessing systems against policies and standards
REQUIRED SKILLS (RANK IN ORDER OF IMPORTANCE):
Deep technical proficiency in cybersecurity governance frameworks, compliances tools, secure system architecture.
3 years of experience in Governance, Risk, and Compliance sector of Information Security / Cybersecurity
Ability to engage diverse audiences of varying technical and non-technical skill levels to generate engagement with those stakeholders and ensure alignment between technical requirements and organizational objectives.
2 years’ experience with Microsoft Purview or comparable enterprise GRC tool.
Experience navigating complex business environments and build relationships with other teams to persuade stakeholders with effective value for technical adoption of security initiatives.
Practical experience with applying DIS-200, NIST 800-53, and ISO 27XXX
PREFERRED SKILLS (RANK IN ORDER OF IMPORTANCE):
MS purview administration
Working in a disa secure environment
Strong understanding of data protection principles, encryption, access control, & retention
Mastering principles of risk assessments, and threat modeling
Creating policies, governance, and protection
M365 suite experience
Effective time management skills including multitasking
Communication skills
Compliance manager skills
REQUIRED EDUCATION/CERTIFICATIONS:
A bachelor’s degree in information technology systems, computer science, or related field and four years of experience in information technology systems or related area.
PREFERRED EDUCATION/CERTIFICATIONS:
Multiple Industry Certifications in field.
Skills:
Category Name Required Importance Level Last Used Experience
Administrative Verbal Communication Skills No 1 Advanced Currently Using 2 - 4 Years
Administrative Written Communication Skills No 1 Advanced Currently Using 2 - 4 Years
Miscellaneous Time Management No 1 Advanced Currently Using 2 - 4 Years
Network Security Cybersecurity No 1 Advanced Currently Using 2 - 4 Years
Network Security IRS Safeguard Computer Security Evaluation Matrix (SCSEM) No 1 Advanced Currently Using 2 - 4 Years
Network Security risk/vulnerability assessments No 1 Advanced Currently Using 2 - 4 Years
Packaged Applications Microsoft No 1 Advanced Currently Using 2 - 4 Years
Specialties IRS Safeguard Review No 1 Advanced Currently Using 2 - 4 Years
Specialties NIST Security No 1 Advanced Currently Using 2 - 4 Years
Note:
Hybrid - Remote Work Availability: 25%
VIVA USA is an equal opportunity employer and is committed to maintaining a professional working environment that is free from discrimination and unlawful harassment. The Management, contractors, and staff of VIVA USA shall respect others without regard to race, sex, religion, age, color, creed, national or ethnic origin, physical, mental or sensory disability, marital status, sexual orientation, or status as a Vietnam-era, recently separated veteran, Active war time or campaign badge veteran, Armed forces service medal veteran, or disabled veteran. Please contact us at hr@viva-it.com for any complaints, comments and suggestions.
Contact Details:
Account co-ordinator: Binodh M.T, Phone: (408) 709 3343, Email: staffing10@viva-it.com
VIVA USA INC.
3601 Algonquin Road, Suite 425
Rolling Meadows, IL 60008
staffing10@viva-it.com | http://www.viva-it.com
Mandatory skills:
Security, Vulnerability, Vulnerability Scanning, Penetration Testing, Pen testing, Firewall, DLP, Data loss Protection, Events, Alerts, log, Forensic, Data Security, ISO, HiTrust, PCI, HIPAA, Application Security, Threats, attacks, Cryptography, Security Planning, Strategy, SAST, DAST, Metasploit, NIST, SDLC, system security, application security, Endpoint protection, network security, authentication, security protocols, cryptography, security assessment, security controls, firewalls, log management, content filtering, intrusion detection systems, anti-virus software, COBIT, NIST, FISMA, SOX, Privacy Act, HIPAA, HITECH, ISO 27001, Privacy, IT risk management, IT, cyber security strategy, Governance, risk, and compliance, GRC, Information Security Incident Management Plan, IT security architecture, Mobile device management, BYOD, MDM, Identity management & access Management, IAM, IDM, PIM, Computer Emergency Response Team, CERT, Computer Security Incident Response Team, CSIRT, Privacy, encryption, Security log management/correlation, SIEM, Security Operations Center, SOC Management, Penetration testing and vulnerability identification, Forensics, Lean, Six Sigma, application Migration, platform migration, upgrade, project delivery, Agile, Scrum, Delivery, Deliverables, initiation, planning, monitoring, execution, delivery, large, medium, scope, budget, Cyber Security, Stakeholders, Portfolio Manager, Project Management Office, PMO, Change Control, Change Management, application development, infrastructure, NIST, NIST Controls, NIST 800, System Security Plan, (SSP), Plan of Action & Milestone, (POA&M), process, implementation strategy, System Security, DFAR, IATT, ATO, System architecture, risk, mitigation, remediation,
SIEM, Active Directory, AD, DNS, DHCP, GPO, PKI, Qualys, NESSUS, Nitroview, FireEye, Wireshark, ArcSight, Splunk, Firewall, GRC, RMF, TCP, UDP, SSH, SSL, LogRhythm, Metasploit, ITIL, Checkpoint, PMP, Clarity, PPM, Planview, HP PPM, MS Project, MS Office, TCP/IP,
Information Security, Cybersecurity, server infrastructure,
technical requirements, Microsoft Purview, enterprise GRC tool, PowerShell scripting,
data protection, encryption, access control, M365 suite, risk assessments, threat modeling,
Network Security Cybersecurity, Safeguard Computer Security Evaluation Matrix, SCSEM, IRS Safeguard, NIST Security,
records management, Purview Information Protection, data compliance tools, Purview Compliance, Purview Secure,
Microsoft Purview Data Loss Prevention, Insider Risk Management, Information Protection, Data Lifecycle Management, Audit, Data security, Data Governance,
End User adoption, manual labelling, automatic labelling,
Microsoft certifications
Description:
SCOPE OF THE PROJECT:
Seeking a highly motivated individual to work as serve as the subject matter expert and primary technical lead of the, the primary technical lead and administrator of the Microsoft Purview environment. The person in this role will manage and administer the compliance (purview) portal in M365 and collaborate with analysts, architects, managers, and others across different departments including records management, security, collaboration, and IT.
The ideal candidate will have the following skills to be successful in this position:
Three (3) or more years developing compliance solutions using Microsoft 365 apps and services, primarily Purview Information Protection. A deep understanding of the Microsoft 365 (M365) Purview compliance architecture and administration, and data compliance tools implementation.
Sound understanding of Microsoft Purview Data Loss Prevention, Insider Risk Management, Information Protection, Data Lifecycle Management, Audit, Compliance Manager, Data security, Data Governance, and Risk and Compliance.
Experience in defining and implementing retention policies and retention labels in Microsoft Purview and developing learning materials and procedures for the user and support audience.
The ability to manage the full life cycle of eDiscovery and content search requests
Experience with Data Governance in relation to Microsoft Purview.
Experience driving End User adoption leveraging Microsoft 365 services.
The ability to design and build data classification strategies utilizing sensitive information types, manual and automatic labelling across M365 and other endpoints
An understanding of all components that comprise the Purview Secure Score and Purview Compliance Score
Troubleshooting an environment with multiple layers of applicable security policies across M365, Azure, and other technologies
Pro-actively learning new ways to solve technical challenges and monitor M365 roadmap changes
The ability to manage multiple tasks and competing priorities in a busy work environment.
Document procedures, and processes for a secure infrastructure
Nice to have skills:
PowerShell scripting
Microsoft certifications
Mentoring and training junior team members
Under general supervision, the contractor will serve as an engineer reporting directly to a functional manager. Contractor will be a team member that ensures the stability and integrity of data, and server services through monitoring, maintenance, support, and optimization of all server infrastructure. This individual has 24/7 on-call responsibilities shared with the group.
DAILY DUTIES / RESPONSIBILITIES:
Non-Technical
Effectively interact and communicate with peer to Director-level IT professionals.
Provide feedback to team regarding product issues, enhancements and new features.
Must have initiative, drive and be a self-starter.
Ability to ask pertinent questions of others.
Proactively seek to identify, communicate and implement process related improvements.
Effectively manage multiple tasks and activities concurrently and able to provide periodic status updates to key stakeholders
Collaborate extensively with peers and management to resolve client issues while actively contributing to a growing knowledge network that improves the effectiveness of our team and the information available to our stakeholders.
Prioritize numerous issues of varying severity, and effectively manage the resolution of all issues within accepted service levels. This includes ownership of the data entered into the Helpdesk system and appropriately updating both stakeholder and appropriate employees of status of all issues on a timely basis.
Good customer skills, be attentive to detail, and responsive to customer tickets.
Comfortable working across teams with various stakeholders and internal customers to collaboration and drive the adoption of security tooling that support improvements to the organizational security posture.
Able to translate leadership objectives into technical requirements and communicate those cross-functional teams.
Technical
Develop workaround solutions as appropriate.
Perform equipment and software upgrades
Maintain familiarity with current computer and network products
Adhere to corporate information security guidelines and promote information security among coworkers
Strong understanding of security protocols, cryptography, authentication, authorization, network fundamentals and cloud security.
Performs other duties and special projects as assigned.
Design, implement, and maintain the organization's MS Purview and M365. Provide an architectural framework for information system development, maintenance, and enhancement efforts.
Architect and implement GRC tools and process workflows.
Guide risk & compliance activities to include assessing systems against policies and standards
REQUIRED SKILLS (RANK IN ORDER OF IMPORTANCE):
Deep technical proficiency in cybersecurity governance frameworks, compliances tools, secure system architecture.
3 years of experience in Governance, Risk, and Compliance sector of Information Security / Cybersecurity
Ability to engage diverse audiences of varying technical and non-technical skill levels to generate engagement with those stakeholders and ensure alignment between technical requirements and organizational objectives.
2 years’ experience with Microsoft Purview or comparable enterprise GRC tool.
Experience navigating complex business environments and build relationships with other teams to persuade stakeholders with effective value for technical adoption of security initiatives.
Practical experience with applying DIS-200, NIST 800-53, and ISO 27XXX
PREFERRED SKILLS (RANK IN ORDER OF IMPORTANCE):
MS purview administration
Working in a disa secure environment
Strong understanding of data protection principles, encryption, access control, & retention
Mastering principles of risk assessments, and threat modeling
Creating policies, governance, and protection
M365 suite experience
Effective time management skills including multitasking
Communication skills
Compliance manager skills
REQUIRED EDUCATION/CERTIFICATIONS:
A bachelor’s degree in information technology systems, computer science, or related field and four years of experience in information technology systems or related area.
PREFERRED EDUCATION/CERTIFICATIONS:
Multiple Industry Certifications in field.
Skills:
Category Name Required Importance Level Last Used Experience
Administrative Verbal Communication Skills No 1 Advanced Currently Using 2 - 4 Years
Administrative Written Communication Skills No 1 Advanced Currently Using 2 - 4 Years
Miscellaneous Time Management No 1 Advanced Currently Using 2 - 4 Years
Network Security Cybersecurity No 1 Advanced Currently Using 2 - 4 Years
Network Security IRS Safeguard Computer Security Evaluation Matrix (SCSEM) No 1 Advanced Currently Using 2 - 4 Years
Network Security risk/vulnerability assessments No 1 Advanced Currently Using 2 - 4 Years
Packaged Applications Microsoft No 1 Advanced Currently Using 2 - 4 Years
Specialties IRS Safeguard Review No 1 Advanced Currently Using 2 - 4 Years
Specialties NIST Security No 1 Advanced Currently Using 2 - 4 Years
Note:
Hybrid - Remote Work Availability: 25%
VIVA USA is an equal opportunity employer and is committed to maintaining a professional working environment that is free from discrimination and unlawful harassment. The Management, contractors, and staff of VIVA USA shall respect others without regard to race, sex, religion, age, color, creed, national or ethnic origin, physical, mental or sensory disability, marital status, sexual orientation, or status as a Vietnam-era, recently separated veteran, Active war time or campaign badge veteran, Armed forces service medal veteran, or disabled veteran. Please contact us at hr@viva-it.com for any complaints, comments and suggestions.
Contact Details:
Account co-ordinator: Binodh M.T, Phone: (408) 709 3343, Email: staffing10@viva-it.com
VIVA USA INC.
3601 Algonquin Road, Suite 425
Rolling Meadows, IL 60008
staffing10@viva-it.com | http://www.viva-it.com
