Cybersecurity Architect
Nesco Resource, LLC
2021-12-03 08:50:25
Fort Worth, Texas, United States
Job type: fulltime
Job industry: I.T. & Communications
Job description
The Cyber Architect candidate is responsible for ensuring that cyber security requirements are properly defined, decomposed, allocated, assessed, and implemented into a system architecture to produce a cyber-resilient security design solution for the target platform (Air System or Weapon System). This includes participating in working groups, design reviews, and formal artifact reviews alongside other Subject Matter Experts (SMEs) within the overall platform; and providing security expertise to ensure that cyber security is considered early in the product development lifecycle.
The applicant is expected to lead a range of cyber risk analysis and security assessment methods; identify and define appropriate patches and Security Technical Implementation Guides (STIGs) to address cyber vulnerabilities, feature changes, or obsolescence; develop documentation for specific installations and configurations necessary to obtain Authorizations to Operate (ATO) in support of program schedules; and drive Plans of Action and Milestones (POAMs) to mitigate open cyber risks.
The ideal candidate will communicate effectively with a range of audiences, technical and non-technical, and will function effectively on an engineering team to create a collaborative and inclusive environment that allows for the establishment of mission goals, itemized planning of tasks, and prioritization of tasks that drives the efficient execution of objectives.
Must be a US citizen. This position is located at a facility that requires special access and a Secret clearance updated within the last 6 years to be considered.
Position is located in Marietta, GA.
BASIC QUALIFICATIONS:
Bachelor's degree in a technical discipline (Computer Science, Computer Engineering, Electrical Engineering, Computer Security, Information Technology)
Experience analyzing, decomposing, and allocating security controls into executable security requirements at the system, sub-system and component level
Experience ensuring that cyber security requirements are properly defined, decomposed, allocated, assessed, and implemented into a system architecture to produce a cyber-resilient security design solution for the target platform.
DESIRED SKILLS:
Extensive experience developing and maintaining core security documentation artifacts for A&A Packages including Security Control Traceability Matrix (SCTM), System Security Plan (SSP) and/or Information Assurance Standard Operating Procedures (IA SOP), Plan of Action & Milestones (POA&M), and Risk Assessment Report (RAR).
Experience developing security architecture representations (e.g. Accreditation Boundaries, Physical Diagrams, Logical Diagrams, Functional Diagrams, and Rack Layouts), system design modeling (UML, SysML, Rhapsody, Cameo, MagicDraw), as well as requirements management
Experience utilizing Joint Special Access Program (SAP) Implementation Guide (JSIG), Committee on National Security Systems Instruction (CNSSI) 1253, and NIST SP 800-37 Risk Management Framework (RMF) to design and harden information systems commensurate with customer needs.
Experience with the development and sustainment of real-time embedded systems (avionics systems or similar)
Experience with engineering change processes and/or configuration control processes
Experience with secure software development concepts (e.g. static code analysis, dynamic code analysis, STIG/SRG hardening, etc.) as applied to high-level programming languages (C, C++, Java)
IASAE Level III IAW 8570 or higher certification (CISSP-ISSAP, CISSP-ISSEP)
TOGAF 9 certified, AWS Certified Solutions Architect, or Cisco Certified Architect
Background/knowledge working with information systems/environments that utilize the Open Mission Systems (OMS) standard and Universal Command and Control Standards Initiative (UCI) message set
Experience with Real-Time Embedded Operating Systems (e.g. Green Hills INTEGRITY, LynxOS, VxWorks, Yocto)
Extensive knowledge of DoD Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs)
Experience developing certification test procedures (CTPs) and executing customer witnessed security assessments utilizing NIST 800-53A assessment methods
Expertise/knowledge in both compliance testing and penetration testing methodologies.
Experience with Agile project management tools (JIRA, VersionOne, etc.)
Experience with DoD 5205.07 V1-4: SAPF manuals and applying them to engineered solutions.
Must be willing to mentor junior-level team members
Experience conducting technical trade studies and assessments
Experience with creating and presenting technical information to senior-level executives and customers
Demonstrated problem-solving and troubleshooting skills
Proficient technical writing skills
Strong analytical and organizational skills with excellent communication skills (written and verbal) and the ability to work in a dynamic work environment
Experience working in an aerospace design environment with exposure to DoD customers and their accrediting authorities.
Ability to travel as required
Comments for Suppliers: Cyber Architect
REQUIRED Experience
Bachelor's degree in a technical discipline (Computer Science, Computer Engineering, Electrical Engineering, Computer Security, Information Technology)
Previous experience as a Cyber Architect is required
Experience analyzing, decomposing, and allocating security controls into executable security requirements at the system, sub-system and component level
Experience ensuring that cyber security requirements are properly defined, decomposed, allocated, assessed, and implemented into a system architecture to produce a cyber-resilient security design solution for the target platform.