Sr. Solutions Architect II (6543)

MetroStar•Washington, DC

About The Position

As Sr. Solutions Architect II (Zero Trust and RMF), you’ll design, implement, and govern security architectures aligned with ICD and RMF practices to enable risk-based authorization, continuous monitoring, and secure information sharing across the IC environment. This role partners with cybersecurity, cloud, network, identity, and mission teams to integrate Zero Trust controls into system lifecycles, ensuring authorization readiness and interoperability across IC elements. We know that you can’t have great technology services without amazing people. At MetroStar, we are obsessed with our people and have led a two-decade legacy of building the best and brightest teams. Because we know our future relies on our deep understanding and relentless focus on our people, we live by our mission: A passion for our people. Value for our customers. If you think you can see yourself delivering our mission and pursuing our goals with us, then check out the job description below!

Requirements

An active TS/SCI security clearance
Bachelor’s degree in Computer Science, Cybersecurity, Information Systems, or related field, or equivalent experience.
8+ years of experience in Zero Trust implementation within an enterprise organization.
Demonstrated experience supporting RMF based authorization processes in IC or similarly regulated environments.
Strong understanding of ICD 503, NIST RMF, and risk based security decision making.
Ability to communicate complex technical and risk concepts to technical teams and senior decisionmakers, including AOs.

Responsibilities

Design and govern enterprise Zero Trust architectures aligned with ICD 503, IC CIO guidance, and NIST RMF.
Assess current and target states to identify and manage systemic, inherited, and residual risk across interconnected IC systems.
Develop Zero Trust roadmaps and reference architectures that support risk based authorization decisions and mission priorities.
Balance security, mission performance, interoperability, privacy, and operational efficiency in architectural decisions.
Architect Zero Trust solutions that support RMF processes, including control selection, inheritance, continuous monitoring, and ongoing authorization.
Ensure systems are authorization ready by design, reducing friction during ATO and reauthorization.
Enable reciprocal acceptance of security assessments through standardized Zero Trust control implementation.
Provide architectural artifacts to support SSPs, POA&Ms, security assessments, and AO risk decisions.Continuous Monitoring & Operations Integration
Design architectures that enable continuous monitoring, visibility, and risk awareness across users, devices, applications, networks, and data.
Integrate Zero Trust controls with SOC/NOC operations, SIEM/XDR, and incident response workflows.
Ensure monitoring strategies scale across enterprise, mission, and shared services environments.
Enable secure system interconnection and data sharing without extending implicit trust.
Apply policy based access, least privilege, and continuous verification to support IC interoperability objectives.
Reduce enterprise wide risk propagation in federated environments.
Produce architecture documentation, reference designs, and executive briefings aligned to ICD 503 and RMF.
Advise program leadership, ISSMs/ISSEs, and AOs on risk posture, tradeoffs, and residual risk.
Support audit readiness, compliance activities, and privacy/civil liberties protections.
Monitor Zero Trust maturity and recommend enhancements based on threats, mission needs, and risk trends.
Stay current with ICD 503 updates, IC CIO guidance, and NIST standards.
Contribute to reusable standards and patterns to strengthen IC wide risk management.