Cyber Security Architect

Job Responsibilities and/or Success Factors

• Performs or leads security requirements analysis, security requirements definition, system security design, security architecture generation, security trade studies, and security verification and validation with little or no supervision.
• Executes the security testing and evaluation to ensure the correct implementation of security requirements.
• Supports system development by adding security rigor to the design, assessing the security posture, and hardening dynamic operating environments.
• Act as the main security interface with integration and/or development team to solve complex security problems while adhering to prescribed NIST 800 Special Publication series.
• Collaborates with teams to perform security control assessment activities.
• Conducts research and performs security analysis on the impacts of system designs, modifications, and technological initiatives.
• Reviews security architecture design to determine level of security compliance.
• Performs automated verification of DISA STIGs and other security benchmarks against web and appliance configurations.
• Synthesizes security solutions within the context of the system to meet customer expectations while staying within schedule and cost constraints.
• Researches and analyzes data, such as vendor products, COTS components, GFE/CFE, specifications, and manuals to determine security of design.
• Effectively chooses the appropriate standards, processes, procedures, and tools throughout the system development life cycle to support the generation of the security engineering products.
• Assists in drafting program required security documentation, including items such as security plans, technical configurations, concepts of operations, certification and accreditation documents, and procedures in compliance with the IA policy.
• Performs vulnerability scans and analysis of the scan results.
• Periodically conducts code reviews to ensure compliance with organizational policies and guidelines and best practices.

Required skills and experience include

• CISSP or equivalent certification
• Must have an active Top Secret security clearance and candidates must be willing to take a CI Poly
• Bachelor of Science degree in Engineering, a related specialized area or field is required (or equivalent experience) plus a minimum of 6 years of relevant experience; or Master's degree plus a minimum of 4 years of relevant experience
• Experience/Familiarity with Linux, Windows Server, JBoss, SQL Server, Marklogic, and Oracle
• Experience with agile project management tools
• Proficient with Microsoft Office suite of products
• Strong use and understanding of systems engineering concepts, principles, and theories
• Strong understanding of cyber security specifications such as Risk Management Framework (RMF), STIGs and other government security specifications and guidelines
• Strong knowledge of cyber security technology and trends
• Highly responsible, team-oriented individual with a very strong work ethic and a self-starter
• Effective organizational skills with strong attention to detail
• Ability to work in a fast paced, constantly changing environment
• Must be a team player and work in a collaborative team environment
• Strong written and verbal communications skills
• Effective in communicating issues, impacts, and corrective actions as they affect the cyber design and implementation
• Strong ability in reporting relevant cyber systems engineering design

Preferred Skills

• Creative thinker, good multi-tasker
• Knowledge and/or experience with secure cloud solutions (i.e., Amazon Web Services, Azure) and tools
• Contact with project leaders and other professionals within the Engineering and Development departments and with project teams
• Has received training and/or certifications in one or more of the following:
• Cloud Certified Security Professional or Cloud Security Solutions
• IT Infrastructure Language
• Web Application and Database Security