Cybersecurity Architect

Full Job Description

This position is located in the Department of Health & Human Services (HHS), Centers for Medicare & Medicaid Services (CMS), Office of Information Technology (OIT), Information Security & Privacy Group (ISPG).

As an IT Cybersecurity Specialist, titled here as Cybersecurity Architect, GS-2210-15, you will lead the development of comprehensive cybersecurity solutions for critical healthcare applications across the agency.

ALL QUALIFICATION REQUIREMENTS MUST BE MET BY THE CLOSING DATE OF THIS ANNOUNCEMENT.

Your resume (limited to no more than 2 pages) must include detailed information as it relates to the responsibilities and specialized experience for this position.

Evidence of copying and pasting directly from the vacancy announcement without clearly documenting supplemental information to describe your experience will result in an ineligible rating.

This will prevent you from receiving further consideration. There is a BASIC REQUIREMENT and a MINIMUM QUALIFICATION REQUIREMENT for this position. You must meet both requirements.

BASIC REQUIREMENT: You must have IT-related experience at the GS-14 grade level in the federal government--gained through paid or unpaid work in the private or public sectors and/or specific, intensive training--that demonstrates you possess the following four competencies: Attention to Detail - Is thorough when performing work and conscientious about attending to detail.

Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services.

Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately.

Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations.

AND MINIMUM QUALIFICATION REQUIREMENT: In order to qualify for this GS-15 position, you must clearly demonstrate in your resume at least one year (52 weeks) of qualifying IT-related specialized experience equivalent to the GS-14 grade level in the Federal government, obtained in either the private or public sector, to include: Executing the hands-on design, build, and deployment of enterprise cybersecurity architectures for systems; AND Developing, coding, testing, and implementing detection engineering capabilities, including detection as code, custom analytics, and fully integrated Security Information and Event Management (SIEM), Security Orchestration, Automation, and Response (SOAR), Endpoint Detection and Response (EDR), and cloud native security solutions; AND Building and tuning advanced security capabilities such as AI and machine learning driven monitoring, anomaly detection, and emerging technologies, including post-quantum approaches; AND Integrating and engineering end-to-end security monitoring environments by connecting network, endpoint, cloud, and platform data sources into unified, operational capabilities to deliver enterprise-wide comprehensive visibility and coordinated defensive action.

Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional, philanthropic, religious, spiritual, community, student, social).

Volunteer work helps build critical competencies, knowledge, and skills, and can provide valuable training and experience that translates directly to paid employment.

You will receive credit for all qualifying experience, including volunteer experience.

Click the following link to view the occupational questionnaire: https://apply.usastaffing.gov/ViewQuestionnaire/12917898 Major Duties:

• Leads the design, standardization, and enterprise-wide deployment of advanced detection engineering strategies across CMS environments.
• Evaluates, designs, and implements next-generation cybersecurity capabilities, including machine learning–based anomaly detection, user and entity behavior analytics (UEBA), and AI-assisted threat analytics.
• Leads enterprise threat modeling efforts to identify architectural attack paths and systemic risk across interconnected CMS systems and environments.
• Technical authority on quantum computing risks and their impact on enterprise cybersecurity architecture.
• Leads the assessment of cryptographic dependencies across CMS systems, including public key infrastructure, key exchange mechanisms, digital signatures, data-at-rest encryption, and secure communications protocols.