Enterprise Cyber security Architect
Our client is seeking a highly-skilled Enterprise Cybersecurity Architect to join their team of qualified, diverse individuals. This position is located in Springfield, VA.
Develop and maintain business, systems, and information processes to support enterprise cybersecurity and mission needs; develops information technology (IT) rules and requirements that describe baseline and target cybersecurity architectures.
- Identify and prioritize critical business cybersecurity functions in collaboration with organizational stakeholders.
- Provide cybersecurity advice on project schedule, design concepts or changes.
- Ensure that acquired or developed system(s) and architecture(s) are consistent with organization’s cybersecurity architecture guidelines.
- Evaluate architectures and designs to determine the adequacy of security design and architecture proposed or provided in response to system requirements allocating the appropriate cybersecurity services and mechanisms to address any identified gaps.
- Develop enterprise architecture or system components required to meet cybersecurity needs.
- Generate alternative system concepts, physical architectures, security architectures, and design solutions
- Define system availability (resiliency) based on critical system functions and ensure that system requirements identify appropriate disaster recovery (DR) and continuity of operations (COOP) requirements.
- Provide input to the NIST Risk Management Framework process activities and related documentation (system life-cycle support plans, concept of operations, operational procedures, and maintenance training materials).
- Develop a system security context, a preliminary system security Concept of Operations (CONOPS) and define baseline system security requirements in accordance with applicable cybersecurity requirements.
- Document and update as necessary all definition and architecture activities including how the implementation of new systems that interface may impact the cybersecurity posture of the enterprise.
- 10 years of relevant cybersecurity risk management experience
- Bachelor’s degree in Computer Science, IT, Cybersecurity, SW Engineering, or related technical degree strongly preferred.
- Qualified candidates must possess the PMP certification, and they must also meet level IAM III DoD 8140 Baseline Certification requirements by possessing the following industry certifications:
- CISSP (or Associate)
The successful Enterprise Cybersecurity Architect will need to demonstrate the following capabilities;
- Knowledge of information systems, networks, and security methodologies (OS, protocols, topologies, architectures, cloud, on-premise, classified environments, zero trust, defense in depth, least privilege, etc.).
- Knowledge of program protection planning (e.g. information technology (IT) supply chain security/risk management policies, anti-tampering techniques, and requirements).
- Knowledge of the enterprise information technology (IT) architectural concepts and patterns (e.g., baseline, validated design, and target architectures.)
- Skill in designing the integration of hardware and software solutions.
- Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.
- Skill to identify cybersecurity and privacy issues that stem from connections with internal and external customers and partner organizations.
- Ability to apply the methods, standards, and approaches for describing, analyzing, and documenting an organization’s enterprise information technology (IT) architecture (e.g., Open Group Architecture Framework [TOGAF], Department of Defense Architecture Framework [DoDAF], Federal Enterprise Architecture Framework [FEAF]).
- Ability to conduct vulnerability scans and recognize vulnerabilities in security systems.
- Ability to execute technology integration processes.
- Ability to design micro-segmentation, zero trust, and least privilege models in enterprise architectures.
- This position will require U.S. citizenship and an active DoD TS/SCI security clearance. Must be willing to submit to, and pass, a CI polygraph.