Full Job Description
CVP is seeking a Cybersecurity Tools and Systems Architect to execute and support the implementation of a successful Agency level Cybersecurity program for the OCIO.
Analyze candidate architectures, allocate security services, and select security mechanisms.
Analyze user needs and requirements to plan architecture.
Apply an organization's goals and objectives to develop and maintain architecture.
Apply and incorporate information technologies into proposed solutions.
Apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
Apply the methods, standards, and approaches for describing, analyzing, and documenting an organization's enterprise information technology (IT) architecture (e.g., Open Group Architecture Framework [TOGAF], Department of Defense Architecture Framework [DoDAF], Federal Enterprise Architecture Framework [FEAF]).
Build architectures and frameworks that reflect the organization’s current state as well as future goals and objectives.
Capture and integrate essential system capabilities or business functions required for partial or full system restoration after a catastrophic failure event.
Collaborate and seek continuous consultation with other analysts and experts—both internal and external to the organization—to leverage analytical and technical expertise.
Communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.
Define appropriate levels of system availability based on critical system functions and ensure that system requirements identify appropriate disaster recovery and continuity of operations requirements to include any appropriate fail-over/alternate site requirements, backup requirements, and material supportability requirements for system recovery/restoration.
Design the integration of hardware and software solutions.
Determine how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.
Develop a system security context, a preliminary system security Concept of Operations (CONOPS), and define baseline system security requirements in accordance with applicable cybersecurity requirements.
Develop enterprise architecture or system components required to meet organization needs.
Document and update as necessary all definition and architecture activities.
Document how the implementation of a new system or new interface between systems impacts the current and target environment including but not limited to security posture.
Employ secure configuration management processes.
Ensure acquired or developed system(s) and architecture(s) are consistent with organization's cybersecurity architecture guidelines.
Evaluate security architectures and designs to determine the adequacy of security design and architecture proposed or provided in response to requirements contained in acquisition documents.
Execute technology integration processes.
Identify and prioritize critical business functions in collaboration with organizational stakeholders.
Identify cybersecurity and privacy issues that stem from connections with internal and external customers and partner organizations.
Integrate results regarding the identification of gaps in security architecture.
Optimize systems to meet enterprise performance requirements.
Plan implementation strategy to ensure that enterprise components can be integrated and aligned.
Provide advice on project costs, design concepts, or design changes.
Provide input to the Risk Management Framework process activities and related documentation (e.g., system life-cycle support plans, concept of operations, operational procedures, and maintenance training materials).
Recognize security vulnerabilities in systems and make recommendations to remediate.
Translate proposed capabilities into technical requirements.
Write and publish cyber defense recommendations, reports, and white papers to appropriate management and stakeholders.
Write detailed functional specifications that document the architecture development process.
Maintain appropriate technical and procedural documentation.
Build and maintain client and stakeholder relationships.
Complete projects, tasks, and associated deliverables on time and with quality.
4-year college degree in Computer Science or related field and 2 years’ experience or 5 years’ experience in lieu of a college degree.
Experience demonstrating strong analytical, troubleshooting and problem-solving skills for cybersecurity.
Excellent communication skills, both written and oral.
Knowledge of NIST and FISMA guidelines.
Certified Information System Security Professional (CISSP).
Eight (8) years of experience in engineering, with a focus on cybersecurity.
Effectively function in a dynamic, fast-paced environment.
Experience in design modeling and building use cases (e.g., unified modeling language).
Experience in the use of design methods.
Experience in writing code in a currently supported programming language (e.g., Java, C++).
Knowledge in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.
Knowledge of cloud environments.
Knowledge of computer networking concepts and protocols, and network security methodologies.
Knowledge of configuration management techniques.
Knowledge of cyber operations terminology/lexicon.
Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
Knowledge of cybersecurity-enabled software products.
Knowledge of data backup and recovery.
Knowledge of database systems.
Knowledge of electrical engineering as applied to computer architecture (e.g., circuit boards, processors, chips, and computer hardware).
Knowledge of embedded systems.
Knowledge of enterprise incident response program, roles, and responsibilities.
Knowledge of fundamental cyber operations concepts, terminology/lexicon (i.e., environment preparation, cyber-attack, cyber defense), principles, capabilities, limitations, and effects.
Knowledge of host-based security products and how those products affect exploitation and reduce vulnerability.
Knowledge of how modern wireless communications systems impact cyber operations.
Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).
Knowledge of industry-standard and organizationally accepted analysis principles and methods.
Knowledge of installation, integration, and optimization of system components.
Knowledge of Internet network addressing (IP addresses, classless inter-domain routing, TCP/UDP port numbering).
Knowledge of key concepts in security management (e.g., Release Management, Patch Management).
Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
Knowledge of multi-level security systems and cross domain solutions.
Knowledge of network access, identity, and access management (e.g., public key infrastructure, OAuth, OpenID, SAML, SPML).
Knowledge of network design processes, to include understanding of security objectives, operational objectives, and trade-offs.
Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.
Knowledge of network security (e.g., encryption, firewalls, authentication, honey pots, perimeter protection).
Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
Knowledge of network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools.
Knowledge of new and emerging information technology (IT) and cybersecurity technologies.
Knowledge of N-tiered typologies (e.g. including server and client operating systems).
Knowledge of organizational process improvement concepts and process maturity models (e.g., Capability Maturity Model Integration (CMMI) for Development, CMMI for Services, and CMMI for Acquisitions).
Knowledge of parallel and distributed computing concepts.
Knowledge of physical and logical network devices and infrastructure to include hubs, switches, routers, firewalls, etc.
Knowledge of security system design tools, methods, and techniques.
Knowledge of service management concepts for networks and related standards (e.g., Information Technology Infrastructure Library, current version [ITIL]).
Knowledge of software engineering.
Knowledge of specific operational impacts of cybersecurity lapses.
Knowledge of system administration, network, and operating system hardening techniques.
Knowledge of system fault tolerance methodologies.
Knowledge of systems testing and evaluation methods.
Knowledge of the common networking and routing protocols (e.g. TCP/IP), services (e.g., web, mail, DNS), and how they interact to provide network communications.
Knowledge of the enterprise information technology (IT) architectural concepts and patterns (e.g., baseline, validated design, and target architectures).
Knowledge of the systems engineering process.
Knowledge of various types of computer architectures.
Any of the following:
Certified Information Security Architect Professional (CISSP-ISSAP)
Global Information Assurance Certification (GIAC)
GDSA: GIAC Defensible Security Architecture
GSLC: GIAC Security Leadership
GISP: GIAC Information Security Professional
GSTRT: GIAC Strategic Planning, Policy, and Leadership
GSE: GIAC Security Expert
GCIP: GIAC Critical Infrastructure Protection
Knowledge of applicable laws, statutes (e.g., in Titles 10, 18, 32, 50 in U.S. Code), Presidential Directives, executive branch guidelines, and/or administrative/criminal legal guidelines and procedures.
Knowledge of Application Security Risks (e.g., Open Web Application Security Project Top 10 list).
Knowledge of circuit analysis.
Knowledge of controls related to the use, processing, storage, and transmission of data.
Knowledge of encryption algorithms and cyber capabilities/tools (e.g., SSL, PGP).
Knowledge of evolving/emerging communications technologies.
Knowledge of how modern digital and telephony networks impact cyber operations.
Knowledge of Information Theory (e.g., source coding, channel coding, algorithm complexity theory, and data compression).
Knowledge of organizational hierarchy and cyber decision-making processes.
Knowledge of Personal Health Information (PHI) data security standards.
Knowledge of Personally Identifiable Information (PII) data security standards.
Knowledge of program protection planning (e.g. information technology (IT) supply chain security/risk management policies, anti-tampering techniques, and requirements).
Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
Knowledge of Security Assessment and Authorization process.
Knowledge of telecommunications concepts (e.g., Communications channel, Systems Link Budgeting, Spectral efficiency, Multiplexing).
Knowledge of telecommunications fundamentals.
CVP is based on a culture of teamwork, respect, and flexibility. With a collaborative and diverse work environment and a strong team of smart, engaged professionals, we pride ourselves on a culture that not only promotes inclusion and open communication, but also personal and professional growth.
CVP believes that through diversity an organization can truly leverage different viewpoints, expertise, and experience, creating a culture of mutual respect, professionalism, and collaboration. In other words, a better work environment and the best results for our clients. Everyone is part of the team, and everyone is willing to help. Because of this, there is never any shortage of support, and help is only a team member away.
CVP’s idea of Continuous Change also means that CVP team members are continuous learners and forward thinkers. CVP fosters the professional development of our employees.
Customer Value Partners, Inc. is a VEVRAA Federal Contractor and an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, protected veteran status, or disability. Customer Value Partners seeks to provide employment opportunities for protected veterans and individuals with disabilities.