Cybersecurity Architect

PRIMARY PURPOSE

CNA is hiring for a Cybersecurity Architect in the Chief Information Office (CIO). The CIO is responsible for supporting staff with all facets of CNA across a wide spectrum of information and technical activities. The Cybersecurity Architect specializes in designing, implementing, and maintaining secure cloud environments that meet the stringent requirements of FedRAMP Moderate and High, CMMC, and DoD Impact Levels 4/5. The Architect works collaboratively with the CSO, CISO, CTO, Technology & Innovation, IT leadership, and various stakeholders to develop and maintain a robust security architecture framework that effectively safeguards sensitive government data and critical infrastructure.

CNA fosters an inclusive culture that values diverse backgrounds and perspectives. Our flexible and engaging work environment encourages iterative and creative collaboration at every stage of the problem solving process. Our employees are committed to helping clients develop effective solutions to better manage their programs through scientific, data-driven approaches. We are looking for creative and innovative individuals to help carry out our mission.

JOB DESCRIPTION AND / OR DUTIES

1. Develop and maintain internal network and cloud security architecture blueprints, ensuring full compliance with CMMC, FedRAMP moderate and high, DoD SRG, NIST800-53r5, NIST800-171, and other applicable federal regulations.
2. Evaluate and integrate emerging security technologies and solutions to address the unique challenges of cloud environments and evolving threats.
3. Design and implement security controls tailored to FedRAMP Moderate, FedRAMP High, and DoD IL4/5 requirements to protect sensitive and classified information.
4. Define security standards and guidelines for cloud service selection, implementation, configuration, and ongoing management.
5. Work closely with the CSO, CISO, CTO and IT leadership to implement the cloud security strategy, ensuring alignment with agency mission objectives and CMMC, FedRAMP and DoD IL4/5 compliance.
6. Collaborate with project teams to integrate security requirements into the entire cloud system lifecycle, from design and development to deployment and operations.
7. Oversee the implementation and configuration of security solutions within cloud environments, ensuring their effectiveness and adherence to federal standards.
8. Develop and implement risk mitigation strategies and security controls to address identified risks within cloud environments.
9. Monitor and evaluate the effectiveness of risk mitigation efforts, reporting findings to senior leadership and ensuring continuous improvement.
10. Perform other duties as assigned.

JOB REQUIREMENTS

1. Education: Bachelor's degree in Computer Science, Risk Management, Engineering, or related field or equivalent combination of education and work experience. Advanced degree and industry certifications (CISSP, CISM, CCSP, CCSK etc.) preferred.
2. Experience: Minimum of 10+ years of experience in information security, with a strong focus on cloud security architecture and design.
3. Skills: Deep understanding of CMMC, FedRAMP, DoD SRG, NIST800-53r5, NIST 800-171, and other applicable federal regulations and guidelines. Strong understanding of cloud service models (IaaS, PaaS, SaaS0 and deployment models (public, private, hybrid). Ability to work on complex problems and provide highly creative solutions. Excellent communication, collaboration, and leadership skills.
4. Other: Able to lift 30 lbs. (e.g., computer and network equipment). Due to the nature of the work, some on-call availability outside of normal working hours.
5. Clearance: Must be able to obtain and maintain Top Secret clearance.
6. Hybrid Work Eligibility: This position is eligible for hybrid work arrangements at the discretion of the Supervisor. Employees may be required to work at CNA headquarters or other work locations resulting in changes to the scheduled hybrid work arrangements.

• CNA, 3003 Washington Blvd, Arlington, Virginia, United States of America