Cybersecurity Architect (3316-183)

Alutiiq LLC, Washington, DC 20319

Posted 4 months ago

Assessment and alignment of the USDA CDM solutions to the Department's Enterprise Architecture and Cybersecurity Architecture ensures cohesion of effort, streamlining of efficiencies, cost savings, and adherence to industry standards and models. USDA has partnered with DHS on their Cybersecurity Architecture Review (.govCAR) initiative, which leverages the Office of the Director of National Intelligence's (ODNI) Cyber Threat Framework to discern capability gaps and prioritized needs. The contractor shall support USDA, by leveraging industry and DHS .govCAR best practices, standards and the unique .govCAR assessment methodology, to assist in the development and maturation of a USDA Cybersecurity Architecture. The architecture will also leverage the NIST Cyber Security Framework (CSF). Based on the level of work, the Government expects that one to two dedicated individuals would be required to meet this need. Cybersecurity Architecture support includes:

  • Directly support the ISCM CDM Program Manager and overall ISC.

  • Attend all USDA internal architecture meetings (relevant to cybersecurity) and DHS .govCAR Focus Group meetings.

  • Coordinate with DHS .govCAR Focus Group lead to leverage the architecture, threat data and assessment methodology at USDA.

  • Coordinate across USDA, as required, to gain inputs and insights to assist in development and implementation of a USDA Cybersecurity Architecture.

  • Post all cybersecurity architecture documentation to a shared data repository.

  • The contractor shall conduct an as-is assessment of the cybersecurity architecture and provide expert level recommendations for the new architecture. The as-is assessment will be completed using the .govCAR assessment methodology and as required other tools to complete the task. Results of this mapping will identify existing gaps against adversary activities and allow USDA to remediate shortcomings.

  • The contractor will provide the results of the assessment via formatted report to the ISCM CDM Program Manager and ISC leadership. It is expected that by using the DHS .govCAR assessment methodology tool, developed by the National Security Agency (NSA), USDA defensive capabilities against intelligence-informed threat vectors will be mapped.

  • The contractor will coordinate with the USDA OCIO Enterprise Architecture office on the cybersecurity architecture efforts to ensure alignment.

  • The contractor will also coordinate with the ASOD Engineering and Architecture Branch Chief and the OCIO ISC Cybersecurity Operations Consolidation Integrated Project Team (IPT) to ensure alignment as well as to inform more tactical levels of effort whilst developing the strategic Cybersecurity Architecture.

  • Coordinate with the ASOD, DHS and as needed intelligence organizations to garner specific threats to USDA information technology and capabilities. This effort will build upon the Cyber Threat Framework, from Office of the Director of National Intelligence (ODNI), used by DHS for .govCAR to discern unique and/or additional threats to the USDA and its cyber and cybersecurity architectures.

  • The Contractor shall assist USDA in cybersecurity architecture assessment, design, development and planning of current and future technical and functional/business systems by depicting technical, systems and functional architecture views as required.

  • The Contractor shall facilitate and develop plans which will enable information sharing, integration, and interoperability while considering service-oriented architecture best practices by aligning with overarching Federal and DHS architectures. Architecture support provided to USDA shall consider the full life cycle, inclusive of initial planning through systems decommissioning. The Contractor shall research and identify new and emerging technologies for potential insertion into current and future programs, and the cybersecurity architecture baseline, based on a business case analysis (e.g., cloud services, Big Data analysis). This may include, but is not limited to, analytical capabilities, infrastructure innovation, data innovation, and other strategic innovations as required by the Government.

  • The Contractor shall engage in practices to enable rapid fielding of capabilities developed externally including the establishment of a Continuous Integration Practice built on the Continuous Integration/Continuous Delivery methodology providing the systematic, repeatable, secure, and streamlined delivery of capabilities to production environments.

  • Current architectures comprise separate, disparate client-server legacy, virtual and cloud environments. The Government's intent is to migrate to an integrated hybrid architecture that provides the best mission outcomes for its customer base by improving efficiency, reliability and cost effectiveness. Services include, but are not limited to, standardizing and optimizing system and infrastructure designs and architectures; identifying and coordinating emerging IT solutions and technology integration opportunities; implementing innovative industry best practices and technologies that maximize efficiencies and cost savings; developing new systems and infrastructure capabilities to meet mission requirements and improve operational efficiency of customers; delivering system and infrastructure capabilities that scale to meet enterprise demand with the least reengineering effort possible; and facilitating and monitoring the integration, interoperability, and synchronization of enterprise-wide systems and infrastructure solutions and services.

  • The Contractor shall support the Government life cycle systems engineering and infrastructure engineering activities as it continues to transition to the end state hybrid architecture. The Contractor shall provide the capability to coordinate infrastructure transition and application development efforts; translate strategic initiatives into functional IT requirements and corresponding capabilities; define capability gaps; support and/or manage, as needed, the technical plans for IT engineering, hardware, and enterprise architecture projects; and ensure the quality tools and technologies are delivered according to government cost, schedule, and performance objectives.

  • The Contractor shall participate and support the development of implementation strategies and courses of action that address mission capabilities development and implementation, data migration, and capacity planning. The Contractor shall also understand the relationship of applications and databases and other capabilities that will be operating in infrastructure as a service; platform as a service; and potentially application as a service as well as all government-specific data types. Additionally, the Contractor shall provide options for interfaces between the cloud provider(s) and consumers to utilize and manage the on-demand self-service and expected elasticity with the ability to forecast accurately and take advantage of the elasticity of the cloud.
