- NIST Standards
- System Architecture
- DoD 8570
Aptive is seeking an Engineering Architecture Analyst, Sr., to support a Department of Veterans Affairs (VA) client.
The candidate must pass a National Agency Check (NAC) covering the past 7 years to obtain a VA Tier 4 ‘High Risk' BI Public Trust clearance as well be able to obtain or currently possess a DoD Secret clearance.
Requires U.S. Citizenship. This is a remote position that can be performed anywhere in the U.S.
The chosen candidate will be part of a team providing Enterprise Security Architecture (ESA) technical support services that accommodate VA's scope, size and complexity, including enterprise architecture, emerging technologies, networks and mobile, in specialized areas like healthcare, specialized medical devices, cybersecurity, IT Modernization and large scale architecture.
We are seeking specialized technical and security expertise of new technologies that VA is introducing, including merging of Electronic Health Records (EHR), cloud computing, Application Programming Interfaces (APIs), specialized networks (i.e., software and security perimeter and defined networks) Internet of Things (IoT), analytic ecosystems and medical devices. The candidate should have demonstrated expertise in IT, communications, systems architecture, engineering and integration; along with the ability to apply this expertise across a broad portfolio of IT systems, software and infrastructure solutions.
The Engineering Architect Analyst, Sr., should possess IT experience with a vast array of IT systems involving end user as well as enterprise level networks, possess extensive experience in network topologies, intrusion detection, PKI, secured networks and Cyber Security Tools. The Engineering Architect Analyst, Sr., shall resolve issues around the architectural vision, coordinate with program and project leaders to analyze IT system and network architecture, and clearly identify strategies for addressing requirements, risks, and issues.
The Engineering Architect Analyst, Sr., shall conduct trade-off analyses of requirements against fiscal, schedule, and performance issues. The candidate should bring extensive experience analyzing IT system and network architectures and coordinating with program and customer staff to identify strategies for addressing requirements, risks, and issues. The Engineering Architecture Analyst, Sr., will identify relevant key concepts, factors and risks, based on various methods of research and customer interactions, and will document these in clear and concise narrative or graphical representations.
Support implementation of information security engineering from establishing stakeholder security requirements, design, implementation, and validation to sustainment. Support planning and coordination of test plans, remediation and mitigation strategies.
Assist in planning and strategies for incident management, cybersecurity vulnerability assessment, continuous monitoring, configuration management, change management, risk assessments, system impact assessments, identity and access management (IAM).
Support development of ESA artifacts based on the ESA Roadmap.
Develop, review, and assess system level architectures for security flaws or gaps.
Support adoption of the ESA roadmap by reviewing standards, guidelines, and design patterns that follow the ESA mission and various security frameworks (e.g., CSF, CGS, SABSA).
Interface with key stakeholders within the various product and security teams.
Master's degree or higher in computer science, electronics engineering or other engineering or technical discipline and 5 years relevant experience. 10 years of additional relevant experience may be substituted for education.
VA or other Federal Government experience required.
Candidate must pass a National Agency Check (NAC) covering the past 7 years to obtain a VA High/BI Public Trust clearance.
Experience with and knowledge of IT security architecture and design (e.g., firewalls, intrusion detection systems, virtual private networking, virus protection technologies, LAN/WAN design and/or general internetworking technologies).
Knowledge of FISMA, NIST RMF and NIST SP 800-series publications.
Familiar with Software Development Lifecycle (SDLC) and related terminology as it relates to Information Security/Information Assurance.
Significant experience applying specific Security and Enterprise Architecture frameworks, standards and best practices to design and build a Security Architecture.
Understanding of information security postures, engineering of secure solutions and experience providing security documentation.
Firm understanding of Governance, Risk and Compliance (GRC) concepts, platforms and tools.
Experience with Certification and Accreditation (C&A)/Security Assessment and Authorization (SA&A), Information Security Systems Risk Assessment and IT Risk Management processes and practices.
Familiarity with VA operating environments is a plus.
Advanced Technical, IT Security Certifications (Security+, Network+, CEH, CISSP or equivalent) strongly preferred.
Exposure to federal healthcare applications, platforms, standards and experience with federal healthcare systems is preferred.
Meet DoD 8570.01–M and IT Level III or IAM-III.
Experience with the enterprise Mission Assurance Support Service (eMASS) or RiskVision.
Background or certifications in healthcare IT or privacy risk management (CIPP/US or CIPP/G)
Equal Opportunity Employer (EEO):
Aptive is an equal opportunity employer. We will consider all qualified applicants for employment without regard to race, color, religion, sex, national origin, disability, protected veteran or any other characteristic protected by law.
Veterans and members of the Reserve and National Guard are highly encouraged to apply.