Cyber Architect - Secret
Lexington, MA
Job Type: Contract | Recruiter: Steve Merriman | Phone: 603.637.4084
| Contingent Type | LL Standard |
|---|---|
| Buyer Reference | |
| Job Code | |
| Site | Lexington (Wood St|Forbes|etc. facilities) (LEX-GEN) |
| Location | Lexington (Wood St|Forbes|etc. facilities) (LEX-GEN) |
| Work Location: Lexington MA USA 02421 |
|
| Business Unit | Cybersecurity (12-10) |
| Category | Cyber Security |
| Labor Type | Technical |
| Positions Requested | 1 |
| Respond by Date | 2025-09-09 |
| Travel Time | 0.000 % |
| Time Sheet Type | Standard |
| Time Sheet Frequency | Weekly |
| Hours per Day | 8 |
| Hours per Week | 40 |
| Total Hours | 6,272.00 |
| Estimated Additional Spend | 0.000 % |
| Estimated Expenses | 0.000 % |
| Flat Adjustments | 0.00 |
| Description: Assists in developing a cyber security framework within company and be responsible for planning, directing, and participating in the implementation of framework. Develops, manages, and implements cyber security protection across the company. Responsible for coordinating cyber security audits and communicating the results, as well as driving necessary change of critical tasks identified from the external audits. Responsible for alignment of perimeter security architecture and design standards with business strategy, service delivery, and client and vendor relationships. Ability to analyze and track cyber security trends and emerging technologies. Ability to develop, document, and communicate relevant cyber security policies and procedures. Determines appropriate cyber security certifications and lead projects to achieve such certifications. Responsible for monitoring, tracking, and reporting attempted and/or achieved unauthorized access into cyber security environment. Experience with Threat Modeling tools for Enterprise, mobile and web apps. Develops and coordinatse the relevant information and processes to educate team members on Cyber security providing them with the tools and understanding to protect their personal and corporate information. Designs and delivers robust security architecture requirements for any IT project including, but not limited to, AWS, Mobile application, third-party integrations. SIEM (Security, Information and Event Management) and experience with event correlation and management software. Certifications such as: CISSP (Certified Information Systems Security Professional), CCNP-Security (Cisco Certified Network Professional Security), CISM (Certified Information Security Manager), GIAC (Global Information Assurance Certification), or CISA (Certified Information Systems Auditor). |
|
| Enable Skills-Based Hiring | No |
| Qualification | Assessment |
| Must Have | |
| Degree Level | |
| Bachelor's Degree | Yes |
| Experience | |
| Cloud security best practices and tools. | 3 years |
| Experience in managing cloud security, networking, and storage solutions | 3 years |
| Security plans (i.e. RMF), procedures, and compliance with DoD directive 8140 | 5 years |
| Networks | |
| Penetration testing | 5 years |
| Security | |
| Cyber Experience | 8 years |
| Cyber Operational Readiness Assessment (CORA) process & maintaining an inspection ready environment | 2 years |
| Cyber security operations systems best practices | 8 years |
| Experience designing, architecting, and implementing Cross Domain Solutions (CDS) | 3 years |
| Experience with vulnerability scanning and auditing tools and processes | 6 years |
| NIST SP 800-37 | 5 years |
| Risk Management Framework (RMF) | 5 years |
| Security controls and the RMF process | 5 years |
| Systems | |
| Classified Cloud | 3 years |
| Cloud computing platforms (e.g., AWS, Azure, GCP) | 3 years |
| Nice to Have | |
| Certification | |
| CCSP (Certified Cloud Security Professional) | Yes |
| Certified Information Systems Security Professional (CISSP) | Yes |
| Cloud certifications (e.g., AWS Certified Solutions Architect, Microsoft Azure Certification) | Yes |
| Security+ CE, CASP, CISSP, or similar security certification | Yes |
|
| |
| Background/Need | |
| Virtual/Work from Home |
| Other information relevant to the job requirement? |
• Provide guidance for required RMF documentation, to successfully assess and authorize cloud technologies and CDS.
• Architect, design, and implement secure CDS solutions, ensuring compliance with NSA RTB requirements and best practices.
• Provide expert guidance on CDS accreditation processes, and data flow security.
• Evaluate and recommend CDS technologies and configurations to meet specific mission requirements while maintaining a high security posture.
Cloud Security Architecture & Engineering:
• Design, implement, and secure cloud environments (e.g., AWS, Azure Government, DAF Cloud Works) in accordance with RMF, FedRAMP, DoD SRG, and NSA RTB guidelines.
• Develop secure cloud network architectures, identity and access management (IAM) strategies, data encryption solutions, and security monitoring within cloud platforms.
• Provide guidance on secure cloud migration strategies and container security.
Policy & Procedure Development:
• Develop, write, and refine cybersecurity policies, standards, and procedures specifically tailored for CDS and cloud environments, ensuring alignment with NSA RTB and other relevant government regulations.
• Translate complex security requirements into actionable policy and guidance for technical teams.
• Lead and execute all phases of the RMF process (Categorization, Selection, Implementation, Assessment, Authorization, Monitoring) for CDS and Cloud systems, ensuring strict adherence to NIST SP 800-37, CNSSI 1253, ICD 503, and NSA RTB requirements.
• Oversee and actively participate in the implementation of security controls and countermeasures for CDS and cloud systems.
• Provide technical guidance and support to engineering teams to ensure secure system design and configuration.
• Design, develop, and deliver comprehensive training programs and materials on RMF, CDS security, cloud security best practices, and NSA RTB requirements.
Required Qualifications:
• Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field.
• 8+ years of experience in cybersecurity, with at least 5 years directly focused on RMF implementation and accreditation.
• 3+ years exp designing, architecting, and implementing Cross Domain Solutions (CDS).
• 3+ years exp securing cloud environments (e.g., AWS GovCloud, Azure Government) at an enterprise level.
• Proven experience in writing and implementing cybersecurity policies and procedures specific to CDS and cloud.
• Experience in developing and delivering technical training programs.
• In-depth understanding of NIST SP 800-37, CNSSI 1253, NIST SP 800-145, DoD Cloud Computing SRG, ICD 503, DoDI 8540.01, and other relevant government cybersecurity frameworks.
• Hands-on experience with security tools for vulnerability scanning, penetration testing, and security monitoring in cloud environments.
• Excellent written and verbal communication skills, with the ability to articulate complex technical concepts to diverse audiences.
Preferred Certifications:
• CISSP (Certified Information Systems Security Professional)
• CCSP (Certified Cloud Security Professional)
• CASP+ (CompTIA Advanced Security Practitioner)
• AWS Certified Security – Specialty
• Azure Security Engineer Associate
• Relevant vendor-specific CDS certifications
Secret Clearance is required for start
Onsite 5 days/wk
Interviews: 2 rounds Zoom Interviews
| Level of Effort |
| Will this position materially impact the conduct or direction of a research program(s)? |
| What level of clearance is required? |