Security Architect

Description

Leidos is seeking a Security Architect to develop robust security frameworks for a groundbreaking integrated air and missile defence command and control (C2) program for NATO partners and allied operations. You will bring your expertise in data-centric security to design, evolve, and validate a fit-for-purpose security architecture for a cloud-based solution supporting NATO missions. The role requires a thorough understanding of modern data-centric security, Zero Trust Architecture (ZTA), Identity and Access Management (IAM), and cloud security, fully aligned with the NATO Data Strategy for the Alliance (DaSA) and NATO Data-Centric Reference Architecture (DCRA).

To help define and evolve security concepts and architecture underpinning a federated, multi-domain cloud environment, you will leverage security patterns supporting data classification, tagging, lineage, encryption, access controls (RBAC/ABAC/CBAC), access decision logic, and policy-based enforcement. You will also bring strong skills in architecting Identity, Credential, and Access Management (ICAM) & Zero Trust solutions. You will create Zero Trust enforcement models across identity, endpoints, networks, workloads, and data.

Primary Responsibilities

• Use MBSE tools (e.g. Sparx Enterprise Architect) to build data-centric security-first architecture models.

• Develop architecture views aligned with the NATO Architecture Framework (NAF v4), including security views, system views, technical standards/compliance views, service-based views, and data views.

• Model security behaviours using sequences, activity flows, state machines, and dependency diagrams.

• Trace security requirements from operational concepts to system functions to services to components and to controls.

• Assist the programme and teammates in navigating and completing the NATO Security Accreditation process for systems on restricted and classified networks. Clearly identify compliance concerns and trade-offs and propose accreditation strategies.

• Create the System Security Architecture Document (SSAD), Security Target & Risk Assessment, Secure Configuration Baselines, Security Operating Procedures (SecOPs), and Security Test & Evaluation (ST&E) artifacts.

• Engage directly with NATO Security Accreditation Authorities and comply with the NATO Security Directive Series, STANAGs, and FMN Baseline requirements.

Basic Qualifications

• NATO SECRET or national equivalent security clearance.

• Bachelors in Cybersecurity, Information Assurance, Computer Science, Systems Engineering, or related field.

• Strong knowledge of the underpinnings of multi-domain security concepts, attribute-based security, and associated approaches, architectures, and technologies.

• Hands on experience with architecting for Data Centric Security and Zero Trust Architecture, preferably in a military and/or coalition environment.

• 5+ years in defense security architecture, cloud security, or classified system environments.

• Deep knowledge of cloud security, data-centric protection, encryption, IAM/ICAM, Zero Trust, and secure system design.

• Experience designing architectures for cross-domain, multi-level, multi-tenant systems.

• Knowledge of MBSE tools and modelling languages (e.g., SysML, UML, NAF/DoDAF/UAF frameworks).

• Strong understanding of modelling data flows, access policies, interfaces, and trust boundaries.

• Ability to coordinate reviews, produce documentation, and close findings with Security Accreditation Authorities (SAAs).

• Proficient with standards including but not limited to: NIST 800-207 (ZTA), NIST 800-53, ISO 27001, CIS, and NATO cyber/INFOSEC frameworks (STANAG 4774, STANAG 4778, STANAG 5636, and ACP 240)

• Experience conducting risk analyses, vulnerability assessments, and defining mitigations.

• Excellent communicator comfortable with multinational stakeholders.

• Able to guide engineers and analysts through secure-by-design principles and model-based workflows.

Preferred Qualifications

• Master’s degree.

• Expertise in Zero Trust Data Format (ZTDF)

• Expertise in MBSE tools such as Cameo, MagicDraw, or Sparx Enterprise Architect and NAF v4 operational, system, service, and security viewpoints.

• Demonstrated expertise in applying data-centric security principles.

• Demonstrated experience completing NATO accreditation for classified systems.

• Strong understanding of the NATO Data Strategy and NATO Data-Centric Reference Architecture (DCRA).

• Relevant advanced certifications:

  • CompTIA Security+

  • CISSP, CCSP

  • Zero Trust, ICAM, cloud security certifications

• Model-based engineering certifications (e.g., SysML, vendor MBSE training)

If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo — because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 — and moving faster than anyone else dares.

Original Posting:

For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:

Pay Range $107,900.00 - $195,050.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

About Leidos

Leidos is an industry and technology leader serving government and commercial customers with smarter, more efficient digital and mission innovations. Headquartered in Reston, Virginia, with 47,000 global employees, Leidos reported annual revenues of approximately $16.7 billion for the fiscal year ended January 3, 2025. For more information, visit www.Leidos.com.

Pay and Benefits

Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available at www.leidos.com/careers/pay-benefits.

Securing Your Data

Beware of fake employment opportunities using Leidos’ name. Leidos will never ask you to provide payment-related information during any part of the employment application process (i.e., ask you for money), nor will Leidos ever advance money as part of the hiring process (i.e., send you a check or money order before doing any work). Further, Leidos will only communicate with you through emails that are generated by the Leidos.com automated system – never from free commercial services (e.g., Gmail, Yahoo, Hotmail) or via WhatsApp, Telegram, etc. If you received an email purporting to be from Leidos that asks for payment-related information or any other personal information (e.g., about you or your previous employer), and you are concerned about its legitimacy, please make us aware immediately by emailing us at LeidosCareersFraud@leidos.com.

If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission.

Commitment to Non-Discrimination

All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.