CISA Security Architect

This role ensures that the stakeholder security requirements necessary to protect the organization’s mission and business processes are adequately addressed in all aspects of enterprise architecture including reference models, segment and solution architectures, and the resulting systems supporting those missions and business processes.

Personnel performing this role may unofficially or alternatively be called:

  • Information Assurance (IA) Architect
  • Information Security Architect
  • Security Solutions Architect
  • Cybersecurity Architect


Skill Community: Cybersecurity
Category: Securely Provision
Specialty Area: Systems Architecture
Work Role Code: 652


Core Tasks

  • Develop/integrate cybersecurity designs for systems and networks with multilevel security requirements or requirements for the processing of multiple classification levels of data primarily applicable to government organizations (e.g., UNCLASSIFIED, SECRET, and TOP SECRET). (T0071)
  • Document and address organization's information security, cybersecurity architecture, and systems security engineering requirements throughout the acquisition life cycle. (T0082)
  • Employ secure configuration management processes. (T0084)
  • Ensure that acquired or developed system(s) and architecture(s) are consistent with organization's cybersecurity architecture guidelines. (T0090)
  • Identify and prioritize critical business functions in collaboration with organizational stakeholders. (T0108)
  • Perform security reviews, identify gaps in security architecture, and develop a security risk management plan. (T0177)
  • Define and document how the implementation of a new system or new interfaces between systems impacts the security posture of the current environment. (T0268)
  • Evaluate security architectures and designs to determine the adequacy of security design and architecture proposed or provided in response to requirements contained in acquisition documents. (T0328)
  • Determine the protection needs (i.e., security controls) for the information system(s) and network(s) and document appropriately. (T0484)

Core Competencies

  • Business Continuity
  • Client Relationship Management
  • Computer Network Defense
  • Computers and Electronics
  • Data Analysis
  • Enterprise Architecture
  • Information Technology Assessment
  • Mathematical Reasoning
  • Risk Management
  • Systems Integration
  • Technology Awareness
  • Telecommunications

Core Knowledge, Skills and Abilities (KSAs)

  • Knowledge of business continuity and disaster recovery continuity of operations plans. (K0026)
  • Ability to serve as the primary liaison between the enterprise architect and the systems security engineer and coordinates with system owners, common control providers, and system security officers on the allocation of security controls as system-specific, hybrid, or common controls. (A0148)
  • Knowledge of the application firewall concepts and functions (e.g., Single point of authentication/audit/policy enforcement, message scanning for malicious content, data anonymization for PCI and PII compliance, data loss protection scanning, accelerated cryptographic operations, SSL security, REST/JSON processing). (K0202)
  • Knowledge of electrical engineering as applied to computer architecture (e.g., circuit boards, processors, chips, and computer hardware). (K0030)
  • Knowledge of microprocessors. (K0055)
  • Knowledge of industry-standard and organizationally accepted analysis principles and methods. (K0043)
  • Knowledge of the enterprise information technology (IT) architectural concepts and patterns (e.g., baseline, validated design, and target architectures.) (K0291)
  • Ability to design architectures and frameworks. (A0061)
  • Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes. (S0027)
  • Knowledge of computer algorithms. (K0015)
  • Knowledge of program protection planning (e.g. information technology (IT) supply chain security/risk management policies, anti-tampering techniques, and requirements). (K0264)
  • Knowledge of installation, integration, and optimization of system components. (K0035)
  • Knowledge of human-computer interaction principles. (K0036)
  • Knowledge of remote access technology concepts. (K0071)
  • Knowledge of communication methods, principles, and concepts that support the network infrastructure. (K0010)

Join the Mission

CISA is always searching for diverse, talented, and highly motivated professionals to continue its mission of securing the nation’s critical infrastructure. CISA is more than a great place to work; our workforce tackles the risks and threats that matter most to the nation, our families, and communities.

To join this mission, visit USAJOBs and/or the DHS Cybersecurity Service to view job announcements and to access the application. Be sure to tailor your resume to the specific job announcement, attach relevant documents, and complete all required assessments. 

When applying for CISA’s cyber positions, please review CISA’s cyber roles above and update your resume to align your experience with the listed competencies. Your resume must also show demonstrated cyber/IT related experience in:

  • Attention to Detail
  • Customer Service
  • Oral Communication
  • Problem Solving

To receive email notifications when new CISA positions are announced, set up a “saved search” on USAJOBs with keyword “Cybersecurity and Infrastructure Security Agency.

Individuals eligible for special hiring authorities may also be considered during CISA’s one-stop hiring events or by emailing or

Was this webpage helpful?  Yes  |  Somewhat  |  No