Senior Data Architect, Zero Trust (5210) (TS/SCI) (Ft. Belvoir, VA )

SMX•Fort Belvoir, VA

2d•Onsite

About The Position

SMX is seeking a Senior Zero Trust Data Architect to lead the design and implementation of a comprehensive data architecture strategy built on Zero Trust security principles, ensuring robust protection of data throughout its entire lifecycle. This senior-level position requires expertise in evaluating and developing security architectures, creating detailed functional specifications, and establishing data governance frameworks that include classification, access controls, and loss prevention measures. The ideal candidate will architect secure data models and pipelines, implement advanced access control mechanisms (ABAC/RBAC), and integrate continuous monitoring and micro-segmentation controls in collaboration with cybersecurity teams. Key responsibilities include developing threat models, managing dynamic trust engines, overseeing encryption and tokenization implementations, and documenting comprehensive security requirements. This role also involves advising executive leadership on Zero Trust architectural strategies, partnering with application development teams to embed security principles in new systems, and mentoring junior architects and engineers in secure data architecture best practices. This is a full-time onsite position in Ft. Belvoir, VA.

Requirements

Active TS security clearance and eligible for SCI and NATO read-on prior to starting work.
In-depth knowledge of Zero Trust architecture, principles, and implementation frameworks (e.g., NIST SP 800-207, CISA Zero Trust Maturity Model).
Proven experience designing and implementing data-centric security solutions, including data loss prevention (DLP), data classification, and encryption.
Knowledge of enterprise information technology (IT) architectural concepts and patterns to include baseline and target architectures.
Expertise in data modeling techniques (e.g., dimensional, Data Vault) and tools (e.g., ERwin, Visio).
Strong understanding of identity and access management (IAM), multi-factor authentication (MFA), and privileged access management (PAM).
Experience with cloud security architecture and services in platforms like AWS, Azure, or GCP.
Proficiency in data security and governance tools and platforms.
Knowledge of cyber threats and vulnerabilities.
Knowledge of emerging security issues, risks, and vulnerabilities.
Knowledge of risk assessments and authorization per Risk Management Framework processes.
Knowledge of how commercial and federal solutions solve Defense-related data environment and platform challenges, e.g., data classification and rights-management platforms, enterprise data-loss prevention, cloud-access security brokers, key management and encryption, and data-security posture management.
Excellent communication skills with the ability to articulate complex security concepts to both technical and non-technical stakeholders.
Bachelor’s degree in computer science, Cybersecurity, Information Technology, or a related field.
A minimum of 8-10 years of experience in data architecture, with at least 4-5 years in a role with a significant security focus.
Demonstrated experience in designing and implementing large-scale, secure data solutions in complex, hybrid environments.
Proven track record of leading data governance and security initiatives.

Nice To Haves

Professional certifications such as Certified Information Systems Security Professional (CISSP), GIAC Defensible Security Architect (GDSA), or a Zero Trust-specific certification (e.g., CSA CCZT) are highly desirable.

Responsibilities

Design and implement a comprehensive data architecture strategy based on Zero Trust principles, ensuring that data is protected at all stages of its lifecycle.
Evaluate security architectures and designs to determine the adequacy of security design and architecture proposed or provided in response to requirements.
Write detailed functional specifications that document the architecture development process.
Develop and enforce data governance policies, including data classification, access controls, and data loss prevention.
Create and maintain conceptual, logical, and physical data models for our data platforms.
Architect and oversee the implementation of data security measures, including encryption for data in transit and at rest, and tokenization.
Develop threat model based on customer interviews and requirements.
Collaborate with cybersecurity teams to integrate Zero Trust controls, such as micro-segmentation and continuous monitoring, into the data architecture.
Define and implement Attribute-Based Access Control (ABAC) and Role-Based Access Control (RBAC) to enforce the principle of least privilege.
Lead the design of secure data pipelines for data ingestion, transformation, and storage in data lakes and data warehouses.
Work with application development teams to ensure new applications are designed with Zero Trust data principles.
Establish and manage a "trust engine" to dynamically evaluate access requests based on user behavior, device health, and other contextual data.
Document the protection needs (i.e., security controls) for the information system(s).
Advise higher level leadership on Zero Trust architectural issues.
Mentor junior data architects and engineers on Zero Trust best practices and secure data architecture design.