IT Cybersecurity Architecture Compliance Specialist

A3 Technology, Inc. is seeking IT Cybersecurity Architecture Compliance Specialists to join our Cybersecurity group. The IT Cybersecurity Architecture Compliance Specialists will support the architecture, design and solutions team for the IT enterprise with policy oversight and security controls.

This position is 100% onsite.

Responsibilities:

• Define and develop threat models to identify vulnerabilities, assess security controls and determine/mitigate risk.
• Support the alignment of operational and security priorities.
• Support annual update of the Information System Security (ISS) Roadmap in coordination with other stakeholders.
• Support the evaluation and analysis of governance drivers including Executive Orders, Binding Operational Directives, OMB Memorandums, agency Guidance/Policy, NIST standards and frameworks, etc.
• Support annual assessment and reporting of the tailored NIST Cybersecurity Framework (CSF) including participation in workshops, reviews of updates, support of technical analysis and workgroups and development of reports and briefings.
• Provide input into international cybersecurity guidance and workgroups to ensure consideration of agency Cybersecurity perspectives.
• Provide technical cybersecurity support to agency systems.
• Review, evaluate and make recommendations on Systems Security Authorization documents (Security Assessment Reports, System Security Plans, System Contingency Plans, System Characterization Documents) to determine if risk is accurately portrayed and/or assessed.
• Conduct Gap Analysis to accurately document whether additional FIPS-199 controls are applicable to systems.
• Review and evaluate POA&M funding requests to determine if the proposal remediates or mitigates risk to an acceptable level and provide recommendation based on priorities, risk and current world events if the request should be funded.
• Collaborate with System Owners to address any cybersecurity concerns or questions.
• Create and present risk summaries to ATO Cybersecurity Group management to show the current risk and recommendations for acceptance, corrective actions, deferral or disconnection(s) required to address the cybersecurity concerns of the ATO system's cybersecurity authorization.
• Review and analyze POA&M to determine if the data effectively supports risk mitigations and make recommendations for improvements for the systems security.
• Review and evaluate system changes to determine cybersecurity risk(s) and provide guidance to address concerns.
• Attend and participate Cybersecurity Review Boards to evaluate cybersecurity risks associated with system changes and provide analysis to management.
• Collaborate with System Owners and other user groups (internal and external) to ensure system cybersecurity plans meet regulations, standards, policy and guidance and to resolve complex technical issues.
• Support the preparation, review and maintenance of reports, presentations and briefings (Emerging technologies, Zero Trust, Strategic plan, etc.).
• Support the architecture, planning, development and implementation of Cybersecurity Enterprise Solutions, Enhancements and Improvements (e.g., Cloud, Data Flow Monitoring and Zero Trust initiatives).
• Assess system modification architectures for policy compliance.

Skills Required:

• Experience supporting cybersecurity solutions for a large enterprise (over 35,000 users).
• Experience with federal IT security rulesets such as NIST.
• Experience evaluating enterprise architecture solutions and possible implementation risks.
• Experience with change management procedures.
• Experience managing cybersecurity and system security documentation in accordance with policies.
• Experience managing data from organizational data calls.
• Experience writing reports and presentations for audiences at variable technical levels.
• Excellent written and communication skills.
• Self-motivated to take ownership of projects.

Skills Preferred:

• Certificate in an IT security area (e.g. CISSP, CISM).
• Experience working with a large organization (>35,000 customers).
• Experience collaborating with peer and client teams.

Education:

• Bachelor's degree in IT/Computer Science/or related field and 10 years of IT experience.

Additionally, US Citizenship or documented proof of eligibility to work in the US is a must. Upon receiving a conditional offer of employment, candidates will undergo a Government investigation and must meet eligibility requirements for Government clearance. Verification of past employment, education and references is also required. It is imperative that candidates be either a US citizen or a current green card holder with the last 3 consecutive years as a resident of the US.

At A3 Technology, Inc., we take pride in being an Equal Opportunity Employer (EEO) and Affirmative Action (AA) employer. We're committed to considering all qualified candidates for employment without regard to race, religion, color, sex, sexual orientation, gender identity, age, protected veteran status, disability, national origin, genetic information or any other protected status.