Job Description:

Location: Syracuse, United States of America

Thales people architect solutions that are relied upon to deliver operational advantage at every decisive moment throughout the mission. Defence and armed forces customers rely on us to deliver the full range of defensive systems for land, sea, and air. From early warning, to threat neutralisation, our platforms cover all levels from very short-range systems, to extended protection across the entire battle-space including Airspace Mobility Solutions, Vehicles and Tactical Systems and Missile Defence, Optronics, and Radar.

Cybersecurity Architecture Engineer

Syracuse, NY or Arlington, VA (On-site)

Position Summary

Thales is looking for a Cybersecurity Architecture Engineer who will be part of Thales Air Traffic Control and Digital Aviation Solutions engineering team located in Syracuse, NY or in Arlington, VA areas, which is focused on addressing the needs of the aviation industry’s push to integrate unmanned aircraft systems into the national airspace system.  The Cybersecurity Architecture Engineer will work closely with product design authority, Systems Engineers and IVVQ teams to support product development and project execution, to enable the safe and efficient integration of drones into our airspace and our communities. The emergence of unmanned systems (UAVs/drones) is accelerating the transformation of the aviation businesses and the deployment of digital technologies.  The Thales Airspace Mobility Solutions Digital Aviation Solutions team have a simple but very ambitious objective: to provide aviation stakeholders (regulatory authorities, air navigation service providers, airports, airlines, pilots, drone operators, etc.) with effective, high-value digital solutions that enhance their operations.

In this position, you will be responsible for leading with pre-assessments of a business entity’s networks to determine its existing level of maturity, and develop strategies, roadmaps, and implementation of new architectural designs and security standards to meet its desired certification level.

Key Areas of Responsibility

• Work collaboratively with ATC team members, customers and IT to help them prepare for NIST 800-171 compliance and CMMC certification including; scoping, risk assessment, maturity assessment of current controls, risk/gap remediation plan development, remediation plan, execution, System Security Plan Development, etc.


• Assess current DFARS NIST 800-171 controls compliance status and identify the gaps and remediation plans. Work with business lines to develop System Security Plan (SSP), plan of actions and milestones/mitigations (POAM) and other documentation required to be compliant with DFARS & CMMC.


• Lead efforts to implement secure solutions for business units that need to be compliant with DFARS requirements. Deliver with minimal supervision, security enhancements activities to protect computer systems, networks and data.  This includes analyzing, testing, documenting, implementation/configuration, and support of new security technologies and processes.


• Proficient in risk assessment processes, tracking and remediation of issues identified in audits or assessments. Lead the creation of enterprise security documents (policies, standards, baselines, guidelines and procedures).


• Evaluate technical controls and advise appropriate solutions. Design and implement cloud-based security monitoring. Leads the creation and maturing of the enterprise architecture practice into an internal management consultancy. 


• Ensures the role of EA in the project and product governance setting is one of guidance, advice and oversight. Leads Architecture Review Board sessions to review and approved architecture artefacts. 

Minimum Qualifications

• Must be a US Person as defined in applicable law. Must be a U.S. Person as defined in applicable law, or otherwise authorized or eligible for authorization, to access to hardware, software, technology or technical data controlled under the International Traffic in Arms Regulations (ITAR) and/or the Export Administration Regulations (EAR).


• Significant experience of implementing NIST 800-171 controls and knowledge of Cybersecurity Maturity Model Certification (CMMC 2.0) requirements. Strong knowledge of core IT and Security infrastructures including Active Directory, Microsoft Windows security controls, SIEM, AV, IPS, vulnerability scanners etc.


• Bachelor’s degree in information systems, information security, computer science or other related major with a minimum 5+ years of relevant work experience in information security and regulatory compliance, or a Master’s degree in information systems, information security, computer science or other related major with a minimum 4+ years of relevant work experience in information security and regulatory compliance.


• Experience in implementing cloud-based monitoring and handling information security incidents. Experience in Amazon Web Service GovCloud or Microsoft Azure Government Cloud. Experience and knowledge with Governance, Risk Management and Compliance


• Strong leadership skills with exceptional soft and interpersonal skills, including teamwork, facilitation and negotiation. Knowledge of business ecosystems, SaaS, infrastructure as a service (IaaS), platform as a service (PaaS), service-oriented architecture (SOA), APIs, open data, micro-services, event-driven IT and predictive analytics. 


• Familiarity with information management practices, system development life cycle management, IT services management, agile and lean methodologies, infrastructure and operations, and EA and ITIL frameworks. Strong consulting skills such as targeted communications, engagement management, stakeholder management and business development.   Knowledge of all components of enterprise architecture, business and IT principles and processes. Familiarity with basic graphical modeling approaches, tools and model repositories. 

Special Position Requirements

• Schedule: Either 9/80A - 1st (9hrs Mon-Thu, 8hrs 2nd Fri, Start @ 09:00AM) (United States of America) or USA -  5/40 - 1st (8hrs Mon-Fri) (United States of America).


• Travel: US and to Europe periodically is preferred, approximately 10% travel.


• Minimum four years of experience implementing NIST 800-171 information security controls.


• Strong understanding of the new CMMC 2.0 standard.


• Composed in the face of opposition to architectural principles, governance and standards. 


• Practical in approach to problem solving and decision-making. 

If you’re excited about working with Thales, but not meeting the requirements for this position, we encourage you to join our Talent Community!

What We Offer

Thales provides an extensive benefits program for all full-time employees working 30 or more hours per week and their eligible dependents, including the following: 

• Elective Health and Dental plans. 


• Retirement Savings Plan with a company contribution and a match, and without vesting period. 


• Company paid holidays, vacation days, and paid sick leave. 


• Company provided Life Insurance.


• 
  

Why Join Us?

Say HI and learn more about working at Thales click here.

The anticipated TTC range for this role is $104,834.80 – 199,750.00 USD Annual. The Company reserves the right to ultimately pay more or less than the posted range and offer additional benefits and other compensation, depending on circumstances not related to an applicant’s status protected by local, state, or federal law. 

#LI-Hybrid

#LI-MR1

This position will require successfully completing a post-offer background check. Qualified candidates with (a) criminal history will be considered and are not automatically disqualified, consistent with federal law, state law, and local ordinances.

Successful applicant must comply with federal contractor vaccine mandate requirements.

Thales champions inclusion and we believe diversity strengthens the fabric of our culture. We are an equal opportunity/affirmative action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law.

If you need an accommodation or assistance in order to apply for a position with Thales, please contact us at talentacquisition@us.thalesgroup.com.

Apply Now