Back to all jobs


Title: Senior Cyber Security Architect (LASO)

Location: Remote

Duration: 2 Years

Job Description:

Our client is seeking a resource to conduct comprehensive audits of data systems including its infrastructure, policies and procedures, to assure: 1) all data meets or exceeds specific federal security guidelines; 2) are Payment Card Industry (PCI) compliant; and 3) meet or exceed current “best practices” regarding driver’s license and motor vehicle data security; and to serve as a Local Agency Security Officer (LASO).

At a high level, the resource will act as the primary information security contact between our client and federal agencies under which our client interfaces with the federal and other local criminal investigation agencies. The Local Agency Security Officer (LASO) actively represents our client in all matters pertaining to information security, disseminates information security alerts and other material to constituents, and maintains information security documentation to include system configuration files.  The LASO will assist with information security audits or hardware and procedures, and keeps external entities informed as to any information security needs and problems. 


  • Assist with evaluation of architecture interfacing with other systems.
  • Assist with assessing the security of any equipment needed.
  • Assist with the evaluation of data integrity and data security.
  • Assist with ensuring all background check compliance is met for all project team members.
  • Assist with creating procedures to ensure the proper access rights are granted.
  • Assist in building User Acceptance Testing scenarios to ensure security requirements are properly tested and documented.
  • Assist with architecture reviews of all environments.
  • Assist with the evaluation and testing of disaster recovery plans.
  • Assist with the development of change management processes and procedure projects.
  • Provide written documentation and recommendations.     
  • Review network diagrams and access control lists for compliance with various security policies.
  • Work with client staff, review external IT security audit documentation regarding entities that access our client’s systems and data to determine compliance with various security policy requirements.
  • Provide technical guidance, principles, standards, and best practices to guide criminal justice agency infrastructure design and system implementations.
  • Perform technical analysis of vendor solutions to assess compliance with various security policies.
    • Audit identity and access management to assure they are properly managed and maintained for all systems; and recommend remedial action when required.
    • Audit client’s systems for PCI compliance; and recommend remedial action when required.
    • Work with external entities to ensure data is accessible for utilization for mission critical functions while maintaining all security requirements.
  • Analyze security needs for all client projects, internal systems, and external system connections.
  • Transition and train new security staff for duties including:
    • Deputy Registrar Security
    • Identity Access Management (AIM)
    • PCI Compliance
    • Policy Auditing
  • Securities duties will include:
    • IAM
    • PCI Compliance
    • Policy Auditing
    • Physical Security of Facilities
    • Fraud and Investigations
    • Technical Review/Architect
  • The LASO duties will include:
    • Identify who is using the approved hardware, software, and firmware and ensure no unauthorized individuals or processes have access to the same.
    • Identify and document how the equipment is connected to the state system.
    • Ensure that personnel security screening procedures are being followed as stated in security policies.
    • Ensure the approved and appropriate security measures are in place and working as expected.
    • Support policy compliance and ensure the client’s ISO is promptly informed of security incidents.
    • Conduct an annual audit of security compliance and track remediation efforts on any items found
    • Maintaining compliant network architecture
    • Properly vetting all individuals with access to client’s physical and logical resources through the access control systems and best IAM practices
    • Properly vetting all software and hardware vendors for security compliance
    • Working closely with client to utilize enterprise resources when possible and involving client on all technical projects
    • Active involvement in all data access requests that may contain sensitive information.
    • Work through vendor agreements to ensure all security requirements are met or exceeded
    • Reviewing client scans of their resources and monitoring identified vulnerabilities and remediation efforts
  • Provide knowledge transfer.

Desired Skills

  • Six (6) years’ experience in a security architect or engineer role.
  • Three (3) years’ experience in network engineering, including firewall management.
  • Four (4) or more engagements, within the last ten (10) years, in a security architect or engineer role where the engagement was longer than three months each.
  • Experience with the design and implementation of information systems, in organizations with more than 50 people, with an emphasis on data, network, and infrastructure security.
  • CISSP or GIAC certification.
  • Comprehensive knowledge of hardware, software, application, and systems engineering.
  • Broad knowledge of database systems, web-based technologies, and network security.
  • Systems thinking – the ability to see how parts interact with the whole (“big picture” thinking).
  • Knowledge of IT governance and operations.
  • Interpersonal and leadership skills – servant leadership, collaboration, facilitation, and negotiation skills.
  • Communication skills – both written and verbal.
  • Ability to explain complex technical issues in a way that non-technical people may understand.
  • Time management and prioritization.

On-Demand Group is an Equal Employment Opportunity (EEO) employer. All wage/salary ranges are dependent on experience, educational requirements, and other job-related criteria.

    • Job type: Contract
    • Location: Remote
    • Date posted: