Job Description
Ensures that the stakeholder security requirements necessary to protect the organization's mission and business processes are adequately addressed in all aspects of enterprise architecture including reference models, segment and solution architectures, and the resulting systems supporting those missions and business processes.Key Responsibilities:Define and prioritize essential system capabilities or business functions required for partial or full system restoration after a catastrophic failure event.Develop/integrate cybersecurity designs for systems and networks with multilevel security requirements.Document and address organization's information security, cybersecurity architecture, and systems security engineering requirements throughout the acquisition life cycle.Ensure that acquired or developed system(s) and architecture(s) are consistent with organization's cybersecurity architecture guidelines.Perform security reviews, identify gaps in security architecture, and develop a security risk management plan.Provide input on security requirements to be included in statements of work and other appropriate procurement documents.Analyze candidate architectures, allocate security services, and select security mechanisms.Develop a system security context and define baseline system security requirements in accordance with applicable cybersecurity requirements.Evaluate security architectures and designs to determine the adequacy of security design and architecture proposed or provided in response to requirements contained in acquisition documents.Translate proposed capabilities into technical requirements.Assess and design security management functions as related to cyberspace.Minimum Qualifications:Knowledge of computer networking concepts and protocols, and network security methodologies.Knowledge of risk management processes.Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.Knowledge of cybersecurity and privacy principles.Knowledge of cyber threats and vulnerabilities.Knowledge of authentication, authorization, and access control methods.Ability to communicate effectively when writing.Ability to apply cybersecurity and privacy principles to organizational requirements. #J-18808-Ljbffr