Secure Systems Design Architect

About The Position

Requirements

• Active TS/SCI security clearance.
• Bachelor’s degree in a relevant field plus 9 years of experience, or equivalent work experience in the Information Technology design field. Additional years of experience can be considered in lieu of a degree.
• DoD 8570 IAT Level II certification (e.g., Security+).
• 2+ years of experience in IT system design, with expertise in technical documentation.
• Proficiency in Microsoft Visio or comparable design software.

Nice To Haves

• Advanced security certification (e.g., CySA+, CASP+, CISSP).
• Experience with Security Information and Event Management (SIEM) solutions and Network Monitoring Tools (SolarWinds, Stratosphere, Cisco ISE).
• Experience with the certification of Cross Domain Solutions (CDS).
• Knowledge of network appliances, virtualization platforms, and their security features.
• Familiarity with DoD architecture frameworks (DoDAF) and the system acquisition lifecycle.

Responsibilities

• Architectural Design and Documentation:
• Draft and maintain system topology diagrams, server room rack and elevation diagrams, and authorization boundary documentation using tools such as Microsoft Visio and other CAD software.
• Design system architectures compliant with cybersecurity policies, including DoDD 8500.01, DoDI 8510.01, DoDD 8140.01, and NIST SP800-53.
• Serve as the primary architectural stakeholder for the NITES contract, providing essential design documentation such as system diagrams, data flow charts, hardware and software inventories.
• Collaboration and Governance:
• Participate actively in the Change Advisory Board, assessing the impact of proposed changes and communicating required artifacts.
• Lead architectural consultations for the Enterprise Continuous Monitoring process, advising on design-level changes to address security findings.
• Participates as a key member on the engineering and planning boards, serving as a central point of collaboration with the Risk Management Framework (RMF) team, system owners, network engineers, system administration, and virtualization teams to produce and refine all technical design documentation.
• Technical Analysis and Modernization:
• Translate findings from security scanning tools (e.g., ACAS, SCAP) into actionable design modifications.
• Own and maintain the definitive master hardware (HW) and software (SW) inventories as core architectural artifacts, providing the official source of truth for all components within a system's authorization boundary for use in the Enterprise Mission Assurance Support Service (eMASS).
• Drive modernization and innovation for the NITES program by contributing to solutions in IT service management, network modernization, automation, and cloud migration.
• Stakeholder Engagement:
• Guide working groups and teams for HW/SW inventories, configuration management changes, and other engineering efforts.
• Provide regular status updates to both SAIC management and Government Service Owners.