Cyber Network Security Domain Architect

Posted:
7/24/2024, 9:57:17 AM

Location(s):
California, United States ⋅ Tyrol, Austria ⋅ Wildschönau, Tyrol, Austria ⋅ Washington, Virginia, United States ⋅ Virginia, United States ⋅ San Diego, California, United States ⋅ Norfolk, Virginia, United States

Experience Level(s):
Expert or higher ⋅ Senior

Field(s):
IT & Security

Workplace Type:
Remote

Leidos currently has an opening on the Service Management Integration and Transport (SMIT) Contract for a Cyber Network Security Domain Architect reporting directly to the SMIT Chief Architect.  This is an exciting opportunity to use your experience and leadership skills to successfully execute the mission of the Navy’s largest IT services program.  Under the SMIT Contract, the Leidos team is responsible for the core backbone for the Navy-Marine Corps Intranet, including cybersecurity services, network operations, network engineering, service desk, seat support services, and data transport. The Cyber Network Security Domain Architect applies enterprise IT capabilities across the workforce, bringing integrated business value across functional and organizational boundaries to end users at all levels of the Navy and Marine Corps. These services enhance workforce effectiveness and successful execution of the Navy’s mission.  Ultimately, Leidos supports the Navy in unifying its shore-based networks and data management to improve capability and services while reducing costs by focusing efforts under one enterprise network.

Qualified candidates will demonstrate professionalism and the ability to work in a dynamic, fast-paced and mission-focused environment. This position is highly focused on a secured Navy Cyber Network environment that requires a rich skillset in IP Networking, Cyber Security, SD-WAN/SASE, Cloud Networking, Cloud Security and other related technologies. This position requires qualified individuals already possessing an active US DoD SECRET security clearance.

Primary Responsibilities

  • The Cyber Network Security Domain Architect (DA) is responsible for:
    • Applying Transport Network Subject Matter Expertise (SME) and thought leadership to the execution of the Navy’s network mission. 
    • The technical architecture baseline for the Navy’s Cyber Network Security solutions including (but not limited to):  Navy Boundary Network Cyber Security solutions and management capabilities including Firewalls, IPS, Proxies, Zero Trust solutions, Application Delivery Controllers, SASE, and other new Cyber Security Network capabilities both on-prem and in the cloud.
    • Leading the development of Cyber Network Security solutions and strategies to execute the US Navy’s mission.
    • Demonstrating knowledge and application of DoD and Navy Cybersecurity policies and directives. 
    • Collaborating with Navy and DoD Cybersecurity organizations (i.e. NNWC), DISA, Industry Cloud Providers, and Partners to continuously improve the Navy’s network security posture.
    • Collaborating with teams to conduct trade studies/analyses of alternatives that support network security architecture concepts for software and hardware, (on-prem and cloud) including designing, developing, analyzing products and capabilities.
    • Providing Tier 3/Tier 4 support to Operations
    • Collaborating with Navy PEO-Digital Infrastructure Services APM-E, Service Owners, APM-E, Lead Engineers, and other DoD organizations (i.e. NNWC, US CYBERCOM), DISA, Industry Cloud Providers, and Partners to continuously improve the Navy’s classified network and its security posture.
    • Identifying technology and solution roadmaps to improve mission enterprise capabilities resulting in increased contract growth and improved customer experience.
    • Participating in the Leidos SMIT Engineering Review Board
    • Collaborating with other DAs in cases of capability overlap areas and communicating across a number of Engineering and Operations Teams.
  • Proposal Support
    • Providing subject matter expertise into new business for:
      • Help with defining customer requirements through collaboration to ensure all requirements are being captured in proposals.
      • Leading technical solutioning related to Network Security requirements
      • Providing information about required hardware/software for Network Security related solutions
      • Reviewing and providing information for proposal documentation
      • Developing and/or Reviewing statements of work
  • Architecture
    • Collaborate with teams to develop Network Transformation approaches.
      • Research and present technologies related to improving network security of the network.
    • Provide subject matter expertise for analysis of alternatives, business case analyses, etc…
    • Thought leader for working with the MBSE Team to model network security solutions
  • Engineering
    • Provide guidance and oversight to the Engineering Team:
      • Provide strategy and guidance for integration of engineered systems into the existing environment.
      • Provide system function information to Assessment and Authorization for system accreditation.
        • Package Diagrams, SEISA/A&A Plan,
      • Resolve technical conflicts for system integration.
      • Provide Lab guidance for minimal viable products to ensure proper testing of systems and system interfaces.
  • Modeling Based Systems Engineering (MBSE) Architecture Support to the Modeling Team:
    • Provide subject matter expertise of the NMCI Unclassified/Classified network system and subsystem functions:
      • Provide information about network related systems to cameo system modelers.
        • Provide/Review/Verify System Requirements
        • Provide/Review/Verify HLD Structure
        • Provide/Review/Verify LLD
      • Develop and refine standardization and definition for systems being integrated into the Cameo System Modeler.
      • Review and provide network system descriptions, background, and context.
  • Limited Operations Support
    • Provide subject matter expertise of the Unclassified/Classified Network to assist in:
      • Tier 3 escalation point for network security troubleshooting.
      • Making network security decisions that are outside of the configuration baseline to resolve network issues.
      • Informing the Operations community about updates to current systems so they are aware of new functions associated with changes.
      • Provide briefings related to system changes to the Engineering and Operations communities.

Basic Qualifications

  • Requires BS degree and 12 – 15 years of prior relevant experience or Masters with 10 – 13 years of prior relevant experience.
  • Exceptional written and oral communication skills, presentation/briefing skills; ability to interact with internal Senior-level Managers and Senior Navy Customers
  • Currently possess and ability to maintain an active DoD Secret security clearance (Top Secret preferred)
  • Ability to review requirements, comprehend, and solution capabilities that satisfy customer requirements
  • Ability to work in a highly collaborative, forward thinking, and innovation-driven environment
  • Expert/Working Knowledge required, but not limited to:  Firewalls, IPS, Proxies, Application Delivery Controllers (F5), SASE, Microsoft Azure Stack, Routing, Switching, MPLS, VPN, IPSEC, Ethernet technologies, Software Defined Networks, Zero Trust Framework, Automation, Transport specific tools and technologies, DoD Joint Regional Security Stacks (JRSS), DISA Networks, Cloud Networking and Security, etc...
  • Minimum of DoD 8570.01 IAT Level II Certification required prior to onboarding and must maintain certification while supporting the SMIT Contract (See DoD 8570.01-M Appendix 3  for valid certifications) IAT Level III preferred.
  • Expert knowledge of network security, the Zero Trust Framework, defense-in-depth principles, and modern network security architectures.
  • In-depth understanding of TCP/IP networking, ports, protocols, and the OSI 7 layer model.
  • Extensive knowledge of network security concepts, platforms, management tools, and application of each
  • Working knowledge of the Risk Management Framework (RMF), DISA STIGs
  • Experienced and adept at developing and maintaining technical documents, analyses, and reports
  • Experience presenting to client stakeholders and company management
  • Must be able to access SIPRNet from an NMCI location on short notice (local travel).
  • Ability to travel up to 10% including the potential for OCONUS travel
  • Must be in vicinity of one of the following locations:

Washington, DC

Northern Virginia

Norfolk, VA

Bremerton, WA

Jacksonville, FL

San Diego, CA

Crane, IN

Philadelphia, PN

Pensacola, FL

New Orleans, LA

Great Lakes, IL

Millington, TN

Ft. Worth, TX

Patuxent River, MD

Preferred Qualifications

  • Previous work experience providing support to the NGEN-NMCI program is highly desired.
  • Advanced/Professional level vendor certifications (Cisco, Juniper, Palo Alto, F5, Trellix, Azure)
  • ITIL or Agile certifications or applicable experience
  • Recent experience with Navy IT services and/or NMCI/OneNet
  • Model Based Systems Engineering (MBSE) and SysML experience; Cameo Systems Modeler
  • DevOps experience/Automation experience
  • Coding/Scripting

Original Posting Date:

2024-07-24

While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:

Pay Range $122,200.00 - $220,900.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.