Zachary Piper Solutions is seeking a Principal Cyber Architect to support a library modernization program for Geospatial Intelligence in Rancho Bernardo, CA. The team is seeking a skilled engineer to lead security teams with the specification, development, and application of computer systems for a rapidly developing environment.

QUALIFICATIONS OF THE PRINCIPAL CYBER ARCHITECT:

• Active Top Secret clearance, TS/SCI highly preferred
• 6-8+ years of related information security and network engineering experience
• Certifications: IAT III/ISC2 CISSP (CISM, CASP+, GCIH, GSLC, CEH)
• Experience with A&A tools: ACAS, Nessus, SCAP Scanner, STIG viewer, Tenable
• Demonstrated experience in national cybersecurity policies; DoD A&A processes and procedures and industry best practices on complex systems
• Expertise with offensive architecting, threat modeling and attack vector analysis
• Experience leading and coordinating security test events to achieve accreditation milestones
• Understanding of offensive security tactics, techniques, and procedures (TTPs)
• Working knowledge of Earned Value Management System (EVMS) systems and Project management tools such as Cost Performance Index (CPI) and Integrated Master Schedule (IMS)
• Experience with Open Container Initiative (OCI) including Platform One, Iron Bank and Repo One
• Experience with Cyber Failure Mode, Effects, and Criticality Analysis (FMECA)

• Lead multidisciplinary systems engineering teams to deliver secure and resilient solutions across complex environments.
• Oversee Assessment and Authorization (A&A) processes for DoD systems in alignment with the Risk Management Framework (RMF), ensuring compliance and operational readiness.
• Support full-spectrum systems engineering activities, including concept of operations (CONOPS), requirements definition and allocation, cybersecurity architecture and implementation, verification and validation, and continuous monitoring throughout deployment and sustainment phases.
• Contribute to the design and evaluation of offensive cybersecurity architectures, focusing on defense-in-depth strategies and threat mitigation.
• Integrate Development Security Operations (DevSecOps) practices into system lifecycles, enabling secure CI/CD pipelines and containerized deployments.
• Develop and assess comprehensive system security documentation, including security CONOPS, risk matrices, control traceability, test procedures, and POA&Ms.
• Perform vulnerability assessments to validate system compliance with RMF controls and DISA STIGs, identifying and mitigating security gaps.
• Analyze static and dynamic code scans to ensure application security and adherence to development-related STIG requirements.
• Support customer engagements through travel, including technical meetings, product demonstrations, integration activities, and system testing.