Technical Architect

Job Description

Job Description

Summary

ASI works with the Veterans Administration (VA) to support the governance pillar in creating, implementing, and providing support for the necessary requirements and outcomes of the Zero Trust Architecture (ZTA) assessments. We provide iterative updates for pillar use cases while accounting for a risk based and dependency-based priority of capabilities.

The Technical Architect specializing in Zero Trust Architecture will play a pivotal role in fortifying the security of the federal agency’s digital assets and information systems. By implementing Zero Trust principles, the architect will minimize the risk of data breaches, improve threat detection capabilities, and ensure that only authorized individuals have access to critical resources. This role not only enhances security posture but also contributes to the overall resilience of the agency in a landscape of ever-evolving cyber threats. The architect will bring a proactive, forward-thinking approach to security, ensuring compliance with federal mandates while future-proofing the agency’s cybersecurity framework. The role requires familiarity with Cyber Security Tools, network topologies, intrusion detection, PKI, and secured networks, as well as experience in implementing cyber security regulations and ZTA principles. This architect turns policy into working designs: you’ll capture the current state, sketch the target state, and help move real systems in that direction, without drowning anyone in jargon.

What you'll do:

• Draw the map. Produce enterprise and solution architecture views (conceptual to logical to physical) that follow TOGAF conventions. Build clean, high-fidelity diagrams in Microsoft Visio (or Archi/Lucid chart/draw.io) using ArchiMate and BPMN 2.0 where it clarifies flow and policy.
• Advance Zero Trust maturity. Assess current posture and recommend a staged roadmap using CISA ZTMM v2.0 pillars and crosscutting capabilities. Translate gaps into prioritized initiatives with measurable outcomes.
• Design practical ZT use cases. Document identity, device, micro segmentation, and policy decision patterns (PDP/PEP, ABAC) and guide them through governance to decision.
• Shepherd implementations. Turn use cases into implementation and test plans for cloud and on Prem systems; contribute to test reports and after-action findings.
• Report what matters. Build Power BI dashboards and monthly/quarterly scorecards with drilldowns by pillar/capability so leaders can see progress at a glance.
• Align to federal guidance. Ensure designs reflect NIST SP 800207 Zero Trust, OMB M2209, TIC 3.0, and relevant federal directives/handbooks.
• Work within RMF. Support system owners through control selection, inheritance, evidence, and continuous monitoring; account for FedRAMP baselines when cloud services are in play.
• Deliver accessibly. Make documents and diagrams of Section 508–conformant and consistent with Federal compliance.

Required Qualifications:

• 8+ years in enterprise/solution/security architecture for large, federated environments (federal experience preferred).
• Expert diagramming skills: Microsoft Visio (or Archi/Lucid chart/draw.io) with the ability to convey TOGAF level models clearly to both engineers and executives. 80% of the candidate's time is spent creating diagrams in Visio - current state and future state.
• Zero Trust depth: hands-on experience mapping designs to ZT pillars (Identity, Device, Network/Environment, Application/Workload, Data) and crosscutting areas (Visibility & Analytics, Automation & Orchestration, Governance).
• Network & cloud architecture: segmentation/micro segmentation, modern connectivity patterns (e.g., TIC 3.0), policy enforcement at multiple layers, workload identity, service-to-service auth.
• RMF literacy and collaboration with ATO stakeholders; familiarity with FedRAMP Rev. 5 control sets for cloud.
• Data & identity patterns: MFA, device posture, secrets management, key management, and lineage/classification considerations in ZT.
• Communication: concise technical writing, facilitation across PMO, pillar leads, vendors, and engineers; ability to brief options and tradeoffs.

Preferred/Desired:

• Certifications: TOGAF 9/10, ArchiMate, CISSP/CCSP, CISM, PMP, ITIL 4.
• Modeling: ArchiMate 3.x, BPMN 2.0; experience maintaining an EA repository.
• Familiarity with DoD Zero Trust Reference Architecture v2 (as informative context for interagency alignment).
• Exposure to automation/orchestration (IaC, policy-as-code) and to NIST SP 800218 (SSDF) concepts for the application/workload pillar.
• Zero Trust Framework Knowledge including maturity and pillar alignment
• Federal ecosystem familiarity (Enterprise Design/Security Patterns, governance forums).
• VA experience with TRM, VIP, and VA 6500, including knowledge of the systems the VA uses, how they integrate, and the ability to create visually appealing diagrams.

Tools & environments:

Visio, Archi/Lucid chart/draw.io; Power BI; ServiceNow; MS Project, SharePoint, Teams; Azure Gov and AWS GovCloud; identity/policy engines; API gateways; SIEM/UEBA; SDWAN/SASE.

What success looks like in year one:

• A living set of TOGA quality diagrams and an EA repository people actually use.
• A prioritized ZT roadmap and month-over-month improvements visible in dashboards.
• Two or more ZT use cases delivered from design through pilot with test evidence folded into RMF artifacts.
• Clean, 508 conformant deliverables that make leadership decisions easier.

Location

Remote

Clearance/Background Investigation

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information.

Legal:

ASI is an equal employment opportunity/affirmative action employer that empowers our people to fearlessly drive change – no matter their race, color, ethnicity, religion, sex (including pregnancy, childbirth, lactation, or related medical conditions), national origin, ancestry, age, marital status, sexual orientation, gender identity and expression, disability, veteran status, military or uniformed service member status, genetic information, or any other status protected by applicable federal, state, local, or international law.

Company DescriptionASI provides IT consulting services to federal, state, and local government while focusing on innovation using applied science principles. Our core vision centers around secure automation of technology through programmatic and result driven iterative changes to empower our partners.

Company Description

ASI provides IT consulting services to federal, state, and local government while focusing on innovation using applied science principles. Our core vision centers around secure automation of technology through programmatic and result driven iterative changes to empower our partners.