RSA Archer Specialist

RSA ARCHER SPECIALIST MILITARY FRIENDLY & PREFERRED - HOH SPONSOR

Zermount Inc. is seeking a RSA Archer Specialist with expert-level proficiency who is responsible for the architecture, engineering, content enablement, enhancement, administration, and maintenance of the RSA Archer platform within the client's enterprise. The RSA Archer Specialist will play an integral part in the designing, developing, upgrading, administration and maintenance of the Governance, Risk, and Compliance (GRC) solution to support the client's business requirements. The specialist will work closely with IT Security, Operations, and Business stakeholders to ensure effective use of RSA Archer for enterprise-wide Security Authorization and Assessments (A&A), Risk Management and Compliance initiatives.

The Archer Specialist functions as a technical expert across multiple assignments and provides Archer support, including designing, developing, and configuring Archer applications, questionnaires, reports, data imports and export, data feeds, campaigns, dashboards, notifications, and packages. The Archer Specialist must ensure the RSA Archer platform is integrated with other client tools to streamline workflows, increase efficiency & provide a holistic picture. Provide technical support for RSA Archer, including remediation of technical issues and developing custom content in response to client requests and requirements. The candidate must update, patch, and implement enhancements for Archer. Develop, configure and deploy Archer apps, On-Demand Applications (ODAs), data feeds, and integrations. Create & customize Archer use cases, reports, dashboards and content to support the client's initiatives. Perform O&M and administrative tasks (e.g., user, permissions, etc.), and resolve technical issues.

The RSA Archer Specialist will assist the PM in the development of project schedules, plans and strategies for all RSA GRC initiatives. Additionally, the RSA Archer Specialist will ensure all Service Level Agreements (SLAs) are met and serve as a cross functional team member supporting other tasks required.

DUTIES & RESPONSIBILITIES

Architecture:

• Assess current requirements and provide recommendations to ensure the most effective solution is in place and being utilized by the client. Develop, obtain, and provide requirements as needed to meet the mission needs. Attend design, test and change review meetings - provide feedback, concerns, and remediations.
• Review of current implementations and provide redesign or enhancement recommendations, as well as solution designs for existing and ongoing implementations.
• Design and support multiple tool integrations into the RSA Archer GRC tool, as required.
• Produce architecture and data flow designs, diagrams, documentation (e.g., system administration guides).

Engineering:

• Implement, upgrade, install, configure, and tune the RSA Archer GRC solution for new and existing instances.
• Work with other teams to facilitate successful implementation, upgrade and maintenance efforts; ensuring the secure and proper configuration (according to best practices) of the enterprise RSA GRC solution. This includes required components such as servers, databases, and communication pathways.
• Open tickets for external vendors and internal technical support (including change requests), monitor and provide the required support to successful completion and closure. The candidate will be the main POC for all RSA Archer related tickets. Troubleshoot and resolve issues all RSA Archer issues and request.
• Perform major and minor system upgrades to ensure the solution is operating on the latest supported, tested and preferred version based on the vendor.
• Utilize SQL and SSMS to design and maintain scripts that are run against the database (DB); develop, implement, manage and maintain new scripts.
• Monitor and Maintain RSA Archer backend database health - controlling bloat and ensuring health and streamlined for optimal performance. Perform database maintenance to ensure optimal performance. Ensure system and all data is backed up on the approved cadence and perform annual testing (partial and full) to ensure all disaster recovery objectives are met.

Content Enablement:

• Develop content and customizations as required by the client for the RSA Archer GRC tool.
• Perform maintenance of and enhancements to the developed content.
• Review existing content and assess current state and provide recommendations for enhancements.
• Implement application configuration changes that include development of new workflows; migration of data sets; creating new fields and/or sections to apply to the various layouts; data imports; and account reviews.

Administration & Maintenance:

• Perform system performance/health monitoring daily and develop and provide management and clients with statistics and recommendations, if needed.
• Perform system tuning activities, which may include patching, configuration changes, accesses, etc.
• Apply software updates and patches as released by the vendors.
• Perform trending of license usage to account for future growth/reduction of license volume where a tool is using a volume-based license.
• Develop project schedules and associate tasks for initiatives and upgrades.
• Initiate and manage tickets for external vendors and internal technical support teams, including change requests, ensuring timely resolution in compliance with client procedures.
• Collaborate with backup and restoration teams to verify optimal system backup performance, troubleshoot issues, and conduct annual test restores.
• Maintain an up-to-date internal configuration backup for each tool, ensuring consistency and availability.
• Administer user accounts and permissions for tools and underlying operating systems, including account creation, modification, and deactivation, while ensuring compliance with security policies.
• Monitor, manage, and renew certificates for tools and underlying operating systems, ensuring all certificates remain valid and up to date to maintain system integrity.
• Configure tool and underlying operating system logging to required level and ensure successful transmission to log repository systems.
• Troubleshoot application issues, follow established IR processes, and triage, troubleshooting, and ultimately correct any issues as reported by the user base.

Process and Training Development

• Assist in developing processes, SOPs, and training materials aligned with client requirements and guidelines.
• Provide training for internal and external team members.

QUALIFICATIONS:

MINIMUM REQUIREMENTS:

• At least 5 years hands on and operational IT Security / Cybersecurity experience.
• At least three (3) years of experience with the following RSA technical skills:
  • RSA Archer: GRC, Policy Management, Issue Management, Business Hierarchy, Risk Management, Incident Management capabilities, as well as RSA Web API, Data feed manager and data publications services, and RSA Archer ODAs.
• At least three (3) years of hands-on experience with the following:

• Programming skills: REST, JSON, Java, and Scripting: Python, Shell, Perl, Bash
• Data bases: SQL
• Operating System's: Windows and Linux

• Demonstrated experience implementing and configuring Archer in an enterprise environment.
• Ability to explain events and produce reports based on the data generated in RSA Archer.
• Ability to train all users and document all current and new functionality of the RSA Archer tool.
• Effective in working autonomously and in teams on high level systems analysis and technical phases of development. The position interacts with senior management, other technology personnel, clients and vendors.
• Ability to work on multiple projects involving complex systems analysis, design and complete application customization.
• Collaborate with the entire team and customers on feature requirements and prioritization.
• Must have a team player mindset with an ability to thrive and effectively communicate in a fast-paced, constantly evolving environment.
• Excellent communicator with a proactive work ethic. Driven to ensure the highest quality of work products.

EDUCATION:

• Bachelor's degree in computer engineering, computer science, IT, cybersecurity, or a related field (or equivalent years of experience).
  • Years of experience may be utilized in lieu of education requirements.

CERTIFICATIONS:

• At least one of the following: RSA Archer Administrator, RSA ID Plus Certified Administrator, RSA Governance & Lifecycle Certified Administrator, RSA ID Plus certified Implementer, or RSA Governance & Lifecycle Certified Implementer.
• Additionally, a minimum of one of the following Certified in Governance, Risk and Compliance (CGRC), GIAC Security Essentials (GSEC), Certified Information Security Manager (CISM), Certified Information Security Auditor (CISA), Certified Information Systems Security Officer (CISSO), Certified Information Systems Security Professional (CISSP), Certified Penetration Testing Engineer (CPTE), CompTIA Cybersecurity Analyst (CySA ), GIAC Security Leadership Certification (GSLC), GIAC Certified Incident Handler (GCIH), GIAC Security Leadership Certification (GSLC), GIAC Systems and Network Auditor (GSNA), or equivalent certification.

CLEARANCE LEVEL:

• Public Trust

WORK LOCATION:

• Hybrid - This position offers a hybrid work arrangement. The primary location is Zermount HQ and the client site in Washington DC. Remote work is authorized but occasional travel to the client site and corporate HQ may be required. Direct engagement with stakeholders at client and corporate locations, which is crucial for aligning with and understanding project objectives.

HOURS OF OPERATION:

• Core Hours: 8:00 AM - 4:30 PM EST.