Cyber Systems Architect

Job Title: Cyber Systems Architect

This position is onsite, not remote.

The salary range is dependent on experience level and location ranging from $125,766 to $172,929.

Job Summary

Develops system concepts and works on the capabilities phases of the systems development life cycle; translates technology and environmental conditions (e.g., law and regulation) into system and security designs and processes. Ensures that the stakeholder security requirements necessary to protect the organization’s mission and business processes are adequately addressed in all aspects of enterprise architecture including reference models, segment and solution architectures, and the resulting systems supporting those missions and business processes.

Key Responsibilities

• Define and prioritize essential system capabilities or business functions required for partial or full system restoration after a catastrophic failure event.

• Define appropriate levels of system availability based on critical system functions and ensure that system requirements identify appropriate disaster recovery and continuity of operations requirements to include any appropriate fail-over/alternate site requirements, backup requirements, and material supportability requirements for system recover/restoration.

• Develop/integrate cybersecurity designs for systems with multilevel security requirements.

• Document and address organization's information security, cybersecurity architecture, and systems security engineering requirements throughout the acquisition life cycle.

• Ensure that acquired or developed system(s) and architecture(s) are consistent with organization's cybersecurity architecture guidelines.

• Identify and prioritize critical business functions in collaboration with organizational stakeholders.

• Provide advice on project costs, design concepts, or design changes.

• Provide input on security requirements to be included in statements of work and other appropriate procurement documents.

• Provide input to the Risk Management Framework process activities and related documentation (e.g., system life-cycle support plans, concept of operations, operational procedures, and maintenance training materials).

• Define and document how the implementation of a new system or new interfaces between systems impacts the security posture of the current environment.

• Analyze candidate architectures, allocate security services, and select security mechanisms.

• Develop a system security context, a preliminary system security Concept of Operations (CONOPS) and define baseline system security requirements in accordance with applicable cybersecurity requirements.

• Evaluate security architectures and designs to determine the adequacy of security design and architecture proposed or provided in response to requirements contained in acquisition documents.

• Write detailed functional specifications that document the architecture development process.

• Analyze user needs and requirements to plan architecture.

• Develop operational technology architecture or system components required to meet user needs.

• Document and update as necessary all definition and architecture activities.

• Determine the protection needs (i.e., security controls) for the information system(s) and network(s) and document appropriately.

• Translate proposed capabilities into technical requirements.

• Assess and design security management functions as related to cyberspace.

Required Qualifications

• Education Required:
  • BA/BS degree in Computer Science, Engineering, Business, or related field
  • 10 years in Information Security
  • 5 years of solution architecture and project implementation experience

• Experience Required:
  • Proficient in the Cybersecurity Solution Architecture discipline, processes, concepts, and best practices.
  • Familiarity with laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
  • Installation, integration, and optimization of system components.
  • Industry-standard and organizationally accepted analysis principles and methods.
  • Cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, nonrepudiation).
  • Operating systems.
  • Security system and software design tools, methods, and techniques.
  • Systems testing and evaluation methods.
  • Critical infrastructure systems with information communication technology that were designed without system security considerations.
  • Multi-level security systems and cross domain solutions.
  • Operational Technology (OT) architectural concepts and patterns (e.g., baseline, validated design, and target architectures.)
  • Cyber threats and vulnerabilities.

Preferred Qualifications

• Experience Desired
  • Network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
  • Computer networking concepts and protocols (especially OT), and network security methodologies.
  • Physical and logical network devices and infrastructure to include hubs, switches, routers, firewalls, etc.
  • Demilitarized zones.
  • Organizational process improvement concepts and process maturity models (e.g., Capability Maturity Model Integration (CMMI) for Development, CMMI for Services, and CMMI for Acquisitions).
  • Network systems management principles, models, methods (e.g., end-toend systems performance monitoring), and tools.
  • Network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services and network security (e.g., encryption, firewalls, authentication, honey pots, perimeter protection).

Competencies

• Growth & Continuous Improvement

• Initiative & Change

• Focused on Results

• Customer Centric (internal and/or external)

• Communication

• Collaboration

• Leadership (people managers/leaders)

Disclaimer

AVANGRID is committed to a diverse and inclusive workplace. AVANGRID is an equal opportunity employer and does not discriminate on the basis of an individual’s sex, gender, gender identification, gender expression, race, color, religion, national origin, age, ancestry, genetic information, medical condition, physical or mental disability, marital status, sexual orientation, military or veteran status, or other characteristics or conditions protected by law.

Click here for Additional Disclaimer Information

Avangrid employees may be assigned a system emergency role and in the event of a system emergency, may be required to work outside of their regular schedule/job duties. This is applicable to employees that will work in Connecticut, Maine, Massachusetts, and New York within AVANGRD Network and Corporate functions. This does not include those that will work for Avangrid Renewables

#LI-ML1

#INOFFICE

Company:

Mobility Information

Please note that any applicant who is not a citizen of the country of the vacancy will be subject to compliance with the applicable immigration requirements to legally work in that country.

At Avangrid we provide fair and equal employment and advancement opportunities for all employees and candidates regardless of race, color, religion, national origin, gender, sexual orientation, age, marital status, disability, protected veteran status or any other status protected by federal, state, or local law.
If you are an individual with a disability or a disabled veteran who is unable to use our online tool to search for or to apply for jobs, you may request a reasonable accommodation by contacting our People and Organization department at careers@avangrid.com.

Avangrid employees may be assigned a system emergency role and in the event of a system emergency, may be required to work outside of their regular schedule/job duties. This is applicable to employees that will work in Connecticut, Maine, Massachusetts, and New York within Avangrid Network and Corporate functions.  This does not include those that will work for Avangrid Power.

Job Posting End Date: