Cyber Architect

Job Responsibilities:

• RMF Implementation & Compliance:
• Lead and execute all phases of the RMF process (Categorization, Selection, Implementation, Assessment, Authorization, Monitoring) for CDS and Cloud systems, ensuring strict adherence to NIST SP 800-37, CNSSI 1253, ICD 503, and NSA RTB requirements.
• Provide guidance for required RMF documentation, to successfully assess and authorize cloud technologies and CDS.
• Conduct comprehensive security control assessments, vulnerability analyses, and risk assessments for CDS and cloud architectures.
• Cross Domain Solution (CDS)

Skills:

• Architect, design, and implement secure CDS solutions, ensuring compliance with NSA RTB requirements and best practices.
• Provide expert guidance on CDS accreditation processes, and data flow security.
• Evaluate and recommend CDS technologies and configurations to meet specific mission requirements while maintaining a high security posture.
• Cloud Security Architecture & Engineering:
• Design, implement, and secure cloud environments (e.g., AWS, Azure Government, DAF Cloud Works) in accordance with RMF, FedRAMP, DoD SRG, and NSA RTB guidelines.
• Develop secure cloud network architectures, identity and access management (IAM) strategies, data encryption solutions, and security monitoring within cloud platforms.
• Provide guidance on secure cloud migration strategies and container security.
• Policy & Procedure Development:
• Develop, write, and refine cybersecurity policies, standards, and procedures specifically tailored for CDS and cloud environments, ensuring alignment with NSA RTB and other relevant government regulations.
• Translate complex security requirements into actionable policy and guidance for technical teams.
• Implementation & Remediation:
• Oversee and actively participate in the implementation of security controls and countermeasures for CDS and cloud systems.
• Provide technical guidance and support to engineering teams to ensure secure system design and configuration.
• Track and manage POA&Ms, working with stakeholders to ensure timely implementation of CSD and cloud technologies, Training
• Design, develop, and deliver comprehensive training programs and materials on RMF, CDS security, cloud security best practices, and NSA RTB requirements.

Education/Experience:

• Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field.
• 8+ years of experience in cybersecurity, with at least 5 years directly focused on RMF implementation and accreditation.
• 3+ years exp designing, architecting, and implementing Cross Domain Solutions (CDS).
• 3+ years exp securing cloud environments (e.g., AWS GovCloud, Azure Government) at an enterprise level.
• Proven experience in writing and implementing cybersecurity policies and procedures specific to CDS and cloud.
• Experience in developing and delivering technical training programs.
• In-depth understanding of NIST SP 800-37, CNSSI 1253, NIST SP 800-145, DoD Cloud Computing SRG, ICD 503, DoDI 8540.01, and other relevant government cybersecurity frameworks.
• Hands-on experience with security tools for vulnerability scanning, penetration testing, and security monitoring in cloud environments.
• Excellent written and verbal communication skills, with the ability to articulate complex technical concepts to diverse audiences.
• Preferred Certifications:
• CISSP (Certified Information Systems Security Professional)
• CCSP (Certified Cloud Security Professional)
• CASP+ (CompTIA Advanced Security Practitioner)
• AWS Certified Security – Specialty
• Azure Security Engineer Associate
• Relevant vendor-specific CDS certifications