SBA - Cybersecurity Architect

About The Position

Requirements

• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, Systems Engineering, Information Assurance, or related field. Relevant experience may substitute for degree requirements.
• Minimum of 12 years of experience supporting enterprise cybersecurity architecture, cybersecurity engineering, systems engineering, or federal cybersecurity programs.
• Demonstrated experience designing and implementing enterprise security architectures across cloud, hybrid, and on-premises environments.
• Strong expertise in Zero Trust Architecture (ZTA), cloud security architecture, identity and access management, and enterprise security engineering.
• Hands-on experience with Microsoft Azure, Microsoft 365, AWS, Salesforce, and enterprise cloud security technologies.
• Experience supporting cybersecurity operations, incident response, vulnerability management, and SOC environments.
• Strong knowledge of NIST cybersecurity frameworks, RMF, FedRAMP, FISMA, and federal cybersecurity mandates.
• Experience designing secure enterprise network architectures, segmentation strategies, and defense-in-depth solutions.
• Knowledge of DevSecOps, CI/CD security integration, automation, scripting, and infrastructure-as-code concepts.
• Experience developing architecture documentation, implementation plans, technical standards, and security engineering artifacts.
• Strong analytical, communication, technical writing, and executive briefing skills.
• Ability to work collaboratively with executive leadership, technical teams, program managers, and federal stakeholders.

Nice To Haves

• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• Certified Cloud Security Professional (CCSP)
• TOGAF Enterprise Architecture Certification
• SABSA Chartered Security Architect
• AWS Certified Security – Specialty
• Microsoft Certified: Cybersecurity Architect Expert
• GIAC Security Expert (GSE)
• GIAC Defensible Security Architecture (GDSA)
• CompTIA CASP+

Responsibilities

• Provide senior-level enterprise cybersecurity architecture and engineering support for the SBA ECS program.
• Support Task Areas 3.5.4 and 3.5.4.1 by designing, implementing, and maintaining secure enterprise cybersecurity architectures and security engineering solutions.
• Develop and maintain enterprise cybersecurity architecture frameworks, roadmaps, technical standards, reference architectures, and modernization strategies.
• Lead the design and implementation of Zero Trust Architecture (ZTA) capabilities aligned with NIST SP 800-207 and OMB M-22-09 guidance.
• Design secure architectures for cloud, hybrid, SaaS, and on-premises environments supporting Microsoft Azure, Microsoft 365, AWS, Salesforce, and enterprise systems.
• Develop and maintain enterprise architecture diagrams, security blueprints, data flow diagrams, trust boundaries, and technical implementation documentation.
• Provide cybersecurity engineering expertise for SIEM, SOAR, EDR, IDS/IPS, firewalls, DLP, PKI, IAM, NAC, MFA, and cloud-native security technologies.
• Conduct cybersecurity architecture assessments, threat modeling, risk analysis, and technology evaluations to identify gaps and recommend improvements.
• Support enterprise security engineering and architecture integration activities for network infrastructure, applications, APIs, databases, cloud services, and enterprise platforms.
• Develop secure design patterns and architecture guidance supporting DevSecOps, CI/CD pipelines, container security, automation, and secure software development practices.
• Support implementation of cybersecurity controls aligned with NIST SP 800-53 Rev. 5, FISMA, FedRAMP, RMF, CISA directives, and federal cybersecurity requirements.
• Provide architectural guidance for cybersecurity modernization initiatives including AI governance, automation, post-quantum cryptography, and cloud transformation efforts.
• Collaborate with SOC operations, incident response, vulnerability management, and threat hunting teams to improve enterprise cyber defense capabilities.
• Evaluate emerging cybersecurity technologies, threat intelligence, and evolving adversary tactics to enhance the SBA security posture.
• Support enterprise-wide risk management, continuous monitoring, and system authorization activities.
• Provide technical leadership and mentorship to cybersecurity engineers, analysts, architects, and program stakeholders.
• Participate in architecture review boards, change management activities, and technical governance meetings.
• Develop executive briefings, technical reports, architecture recommendations, and strategic cybersecurity implementation plans.
• Support continuity of operations, resiliency engineering, and secure enterprise integration across geographically dispersed environments.
• Ensure cybersecurity architectures align with SBA operational objectives, federal mandates, and enterprise technology strategies.