The primary responsibilities of the Cybersecurity Architect include:
- Directly interface with internal partners such as Network Operations, Internal Assurance (IA), Diplomatic Security Services (DSS) and EA Team.
- Leverage familiarity with open architecture principles and cyber security architecture principles that achieve cybersecurity framework goals.
- Creation an actionable Cybersecurity roadmap supported by common technical controls associated with mitigation of risks that compromise the integrity of the Department’s data residing on networks, in applications and systems.
- Load, process and analyze asset vulnerability data.
- Develop cybersecurity policy, procedures recommendations aligned with external compliance requirements.
- Perform System and Data categorization assessments and provide recommendations
- Update the Department’s As-Is and Target Cybersecurity Architecture.
- Map common NIST controls the Department’s Cybersecurity Reference Services Architecture.
- Active DOD/DSS SECRET security clearance or higher.
- Bachelor’s Degree or Masters in Computer Science or Information Systems.
- At least five (5) years’ experience with architecting, designing, and implementing cybersecurity systems, solutions, and tools in federal organizations.
- A minimum six (6) years of experience working with Security Authorization requirements, developing and enhancing the security risk posture, and analysis and reporting of IT security metrics.
- Experience with selecting, designing, and implementing security tools and capabilities for large, complex federal or commercial organizations.
- Familiarity in cybersecurity governance standards, such as the Risk Management Framework and commensurate NIST frameworks.
- Information Security Certification, including CEH, CISM, CSSP, CISA, CISSP, or CompTIA Security+.
- Familiarity with all phases of the SDLC and cybersecurity lifecycle, from threat modeling and risk assessment, implementation and development, vulnerability assessment and continuous monitoring.
- Demonstrate prior experience in assisting/educating stakeholders in evaluating, prioritizing and utilizing risk management techniques as they apply to cyber security.
- Experience in a Cybersecurity compliance, operations, or engineering leadership role.
- Experience with innovative Cybersecurity products and capabilities, including A&O, AI and machine learning, Next Generation Firewall (NGFW), and Big Data.
- Familiarity with State Department and the Managing State Projects for Information Technology (MSP-IT) project cycle.
- Familiarity with the Software Development Life Cycle (SDLC).
- Experience with User Interface designs and mockups.
- Experience with business process improvement or business process re-engineering.
- Previous experience working with Federal Government clients is highly desirable.