RiVidium Inc (doing business as TripleCyber) is seeking an Enterprise Architect to also serve as the Lead for the Cross-Domain Governance Task Area on the contract. The successful candidate will be responsible for developing and maintaining business systems and information processes to support enterprise mission requirements. Additionally, they will create Information Technology (IT) rules and requirements that define both baseline and target architectures as well as lead a team in support of the contract task area.
Tasks:
- Cybersecurity Architecture Compliance: Ensure all acquired or developed systems and architectures align with the organization's cybersecurity architecture and Raise the Bar (RtB) guidelines.
- Ensure all acquired or developed systems and architectures align with the organization's cybersecurity architecture guidelines.
- Business Function Prioritization: Identify and prioritize critical business functions in collaboration with organizational stakeholders to support strategic objectives.
- Project Advisory: Provide expert advice on project costs, design concepts, and design changes to enhance project outcomes. Identify and prioritize critical business functions in collaboration with organizational stakeholders
- Risk Management Framework Contributions: Offer input to the Risk Management Framework process activities and related documentation, including system life-cycle support plans, concepts of operations, operational procedures, and maintenance training materials.
- Architecture and Schema Analysis: Analyze candidate architectures and perform schema analysis to allocate security services and select appropriate security mechanisms. Ensure that acquired or developed system(s) and architecture(s) are consistent with organization's cybersecurity architecture guidelines.
- Cross Domain Solution Architecture Review: Evaluate and review Cross Domain Solution architectures to ensure secure and efficient data transfer across domains.
- System Security Context Development: Develop a system security context and a preliminary system security Concept of Operations (CONOPS), defining baseline security requirements in accordance with applicable cybersecurity standards.
- Security Architecture Evaluation: Assess security architectures and designs to determine the adequacy of proposed solutions against acquisition requirements.
- Functional Specifications Documentation: Write detailed functional specifications that document the architecture development process.
- User Needs Analysis: Analyze user needs and requirements to inform architectural planning and design.
- Restoration Capabilities Integration: Capture and integrate essential system capabilities or business functions required for partial or full system restoration after a catastrophic failure event.
- Enterprise Architecture Development: Develop enterprise architecture or system components required to meet user needs effectively.
- Evaluate security architectures and designs to determine the adequacy of security design and architecture proposed or provided in response to requirements contained in acquisition documents.
- Write detailed functional specifications that document the architecture development process.
- Documentation Management: Document and update all definition and architecture activities as necessary to ensure accuracy and completeness.
- Security Architecture Gap Analysis: Integrate results regarding the identification of gaps in security architecture to inform enhancements.
- Implementation Strategy Planning: Plan implementation strategies to ensure that enterprise components can be integrated and aligned effectively.
- Technical Requirements Translation: Translate proposed capabilities into actionable technical requirements for development teams.
- Impact Assessment Documentation: Document how the implementation of a new system or interface between systems impacts the current and target environment, particularly regarding security posture.
- Key Management Integration: Integrate key management functions as they relate to cybersecurity practices.
- Service Plus and Jira Confluence Utilization: Use Service Plus for service management and Jira Confluence for documentation and collaboration, enhancing project management and communication efficiency.
- Review of System Rule-Set: Conduct regular reviews of the System Rule-Set to ensure compliance with established policies, effectiveness of security controls, and alignment with organizational objectives.
Abilities:
- Skill in applying and incorporating information technologies into proposed solutions.
- Skill in designing the integration of hardware and software solutions.
- Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.
- Skill in design modeling and building use cases (e.g., unified modeling language).
- Skill in evaluating code in a currently supported programming language (e.g., Java, XML).
- Skill in the use of design methods.
- Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
- Skill to identify cybersecurity and privacy issues that stem from connections with internal and external customers and partner organizations.
Requirements:
- Bachelor's degree or higher from an accredited college or university
- Prefer an accredited Computer Science, Cyber Security, Information Technology, Software Engineering, Information Systems, or Computer Engineering degree, or a degree in a Mathematics or Engineering field.
- Certification(s): IAT, IAM, or IASAE Level 3
Desired:
Familiarity and demonstrated knowledge with Cross Domain Solutioning. Strategic and Innovative ideas associated with Cross Domain Governance and Capabilities