Enterprise Architect with Security Clearance

Description: Develops and maintains business, systems, and information processes to support enterprise mission needs; develops information technology (IT) rules and requirements that describe baseline and target architectures. Tasks: Define appropriate levels of system availability based on critical system functions and ensure that system requirements identify appropriate disaster recovery and continuity of operations requirements to include any appropriate fail-over/alternate site requirements, backup requirements, and material supportability requirements for system recover/restorationEmploy secure configuration management processesEnsure that acquired or developed system(s) and architecture(s) are consistent with organization''s cybersecurity architecture guidelines.Identify and prioritize critical business functions in collaboration with organizational stakeholdersProvide advice on project costs, design concepts, or design changesProvide input to the Risk Management Framework process activities and related documentation (e.g., system life-cycle support plans, concept of operations, operational procedures, and maintenance training materials).Analyze candidate architectures, allocate security services, and select security mechanismsDevelop a system security context, a preliminary system security Concept of Operations (CONOPS), and define baseline system security requirements in accordance with applicable cybersecurity requirements.Evaluate security architectures and designs to determine the adequacy of security design and architecture proposed or provided in response to requirements contained in acquisition documents.Write detailed functional specifications that document the architecture development process.Analyze user needs and requirements to plan architectureCapture and integrate essential system capabilities or business functions required for partial or full system restoration after a catastrophic failure event.Develop enterprise architecture or system components required to meet user needs.Document and update as necessary all definition and architecture activitiesIntegrate results regarding the identification of gaps in security architecturePlan implementation strategy to ensure that enterprise components can be integrated and alignedTranslate proposed capabilities into technical requirementsDocument how to implementation of a new system or new interface between systems impacts the current and target environment including but not limited to security postureIntegrate key management functions as related to cyberspaceSkills: In applying and incorporating information technologies into proposed solutionsIn designing the integration of hardware and software solutionsIn determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomesIn design modeling and building use cases (e.g., unified modeling language)In writing code in currently supported programming language (e.g., Java, C++)In the use of design methodsTo apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation)To identify cybersecurity and privacy issues that stem from connections with internal and external and partner organizations.IAT Level III CertifiedAbilities: To apply the methods, standards, and approaches for describing, analyzing, and documenting and organization''s enterprise information technology (IT) architecture (e.g., Open Group Architecture Framework [TOGAF], Department of Defense Architecture Framework [DoDAF], Federal Enterprise Architecture Framework [FEAF]).To conduct vulnerability scans and recognize vulnerabilities in security systemsTo apply an organization''s goals and objectives to develop and maintain architectureTo optimize systems to meet enterprise performance requirementsTo execute technology integration processesTo build architectures and frameworksTo apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).To identify critical infrastructure systems with information communication technology that were designed without system security considerationsTo set up a physical or logical sub-networks that separates an internal local area network (LAN) from other untrusted networksClearance: TS/SCI with CI Poly

Created: 2025-11-15