[Hiring] Senior Systems Architect @ValidaTek, Inc.

Company Overview

At ValidaTek, we modernize and optimize IT services to solve some of the most critical challenges facing federal civilian and defense agencies. From customers to partners to top-talent employees, ValidaTek puts people first, empowering them to exceed expectations and transform government organizations. Our success starts and ends with our people, so we built a company where great people can do great things, with the resources and autonomy to make decisions that transform organizations. We operate as one team of diverse people, united by a passion for continuous growth and optimization. Our commitment to quality and performance optimization is the reason why our IT Service Projects and New Development Projects have been appraised at CMMI Maturity Level 5, positioning us as one of a handful of elite companies to receive the highest form of third-party validation. www.validatek.com

Summary

We are seeking a talented Senior Systems Architect/Engineer who will provide technical leadership in the design, development, and integration of cybersecurity sensing capabilities for the Defense Information System Agency (DISA) Program Executive Office Cyber (PEO-Cyber). This role demands a comprehensive understanding of system architecture, requirements decomposition, and the application of frameworks such as the DoD Architecture Framework (DoDAF). The Senior Systems Architect/Engineer will be responsible for creating and maintaining system designs, ensuring they conform to established standards and meet the evolving needs of the DoD Information Network (DoDIN). The Senior Systems Architect/Engineer will be well versed in enterprise architecture, system design, and hands-on engineering across hybrid environments (on-prem, private cloud, and DoD-authorized commercial cloud). The ideal candidate pairs deep technical breadth with mission-first judgment—driving Zero Trust, RMF/cATO, high availability, and automation to deliver resilient, compliant services at scale across NIPR/SIPR (and higher) networks.

Responsibilities

• Develop and maintain system architectures that ensure conformance to standards, requirements, and associated systems, utilizing DoDAF and other frameworks as specified by the Government.
• Provide preliminary and final designs, including system diagrams, design descriptions, and interface control documents, in support of project and customer requirements.
• Lead the integration of sensing software/hardware solutions with associated networks, validating software packages and devices.
• Design and test capabilities to address operational issues or shortfalls, ensuring seamless integration with existing systems.
• Develop and maintain the program’s Systems Engineering Plan (SEP) that aligns with program plans.
• Architect and develop Cyber Sensing Solutions designed to monitor the DoD telecommunications infrastructure, encompassing requirement analysis, design, and implementation at customer sites.
• Lead end-to-end architecture for mission systems across storage, network, security, data, and identity domains.
• Produce and maintain DoDAF views (OV, SV, CV, DIV) and system/solution architecture artifacts (logical/physical diagrams, interface control documents, data flow diagrams, sequence diagrams).
• Define capability roadmaps, technology standards, and reference architectures aligned to DISA/DoD policy, Cloud SRG IL2–IL6, and mission needs.
• Engineer for HA/DR/COOP, performance, scalability, and cost optimization; establish capacity models and SLOs/SLIs.
• Lead the design and integration of Windows/RHEL, virtualization (VMware/Nutanix), containers/Kubernetes/OpenShift, and GovCloud (AWS/Azure) services.
• Architect and implement ICAM/PKI/CAC, network services (DNS/DHCP/IPAM), load balancing, and edge/security services (SWG, WAF, proxies).
• Build Infrastructure-as-Code and Configuration-as-Code pipelines (Terraform, Ansible, PowerShell/Bash, GitLab/Jenkins/Azure DevOps) for secure, repeatable deployments.
• Integrate observability (SolarWinds, Prometheus/Grafana, Splunk/ELK) and design telemetry for proactive operations.
• Lead the RMF lifecycle from categorization to ATO/cATO, creating and maintaining SSP, SCTM/RTM, POA&M, test plans/evidence, and continuous monitoring dashboards.
• Apply DISA STIGs/SRGs, SCAP, ACAS/Tenable, HBSS/ESS/EDR baselines; drive remediation and control inheritance.
• Architect to Zero Trust principles (identity, device, network, app/data, analytics, automation); design micro-segmentation, policy enforcement, and continuous assessment.
• Partner with ISSM/ISSO and cyber operators to align controls with operational reality and mission risk.
• Provide Tier III technical leadership, conduct root cause analysis, and publish RCAs with corrective/preventive actions.
• Establish SOPs/runbooks, as-built documentation, change management artifacts, and operational dashboards tied to KPIs/SLAs.
• Participate in CABs, IPTs, design reviews, and readiness assessments; brief senior government stakeholders on trade-offs, risk, and performance.
• Serve as a technical lead for a cross-functional team (systems, network, security, DevSecOps, data).
• Mentor junior engineers and review designs/PRs for architectural compliance and secure coding/infrastructure patterns.
• Coordinate with vendors and DISA partners to evaluate COTS/GOTS solutions and conduct POCs.

 

Qualifications

• Active DoD Secret clearance.
• 8+ years of systems architecture experience. 
• Extensive experience in systems architecture and engineering, particularly within cybersecurity or IT sectors, with a focus on network and cloud environments.
• Demonstrated expertise in utilizing the DoD Architecture Framework (DoDAF) and other relevant architectural frameworks.
• Proven ability to lead the development and maintenance of Systems Engineering Plans (SEPs).
• In-depth knowledge of requirements analysis, system design, integration, and testing methodologies.
• Ability to author clear architectures and brief complex topics to technical and executive audiences.
• Experience with cloud technologies and transitioning systems to cloud environments.
• Familiarity with COTS and GOTS solutions.
• Technical Proficiency in the following areas:
  • Compute/Virtualization/Containers: VMware vSphere/ESXi/vCenter; Nutanix; RHEL/Windows; Kubernetes/OpenShift.
  • Cloud (DoD-authorized): AWS GovCloud and/or Azure Government (IL2–IL6); landing zones, VPC/VNet, security groups/NSGs, KMS/Key Vault, PrivateLink/Private Endpoints.
  • Networking & Edge: TCP/IP, routing, VLANs, load balancers (F5/AVI), DNS/DHCP/IPAM, VPN, SWG, firewalls, micro-segmentation.
  • Identity & Access: PKI/CAC, SSO/SAML/OIDC, MFA, SCIM/Provisioning, Privileged Access Mgmt (PAM).
  • Security & Compliance: RMF (NIST 800-37/53), DISA STIGs/SRGs, SCAP, ACAS/ESS/HBSS/EDR, logging/alerting (SIEM).
  • Automation/DevSecOps: Terraform, Ansible, PowerShell/Bash, GitLab/GitHub/Jenkins/Azure DevOps, container registries, artifact management.
  • Observability/SRE: SolarWinds, Prometheus/Grafana, Splunk/ELK, synthetic and RUM monitoring, SLO/SLI error budgets.
• Methodologies & Processes: Agile/Scrum, ITIL, Continuous Monitoring; model-based design preferred (UML/SysML).

Posted Min Pay Rate

Posted Max Pay Rate

Salary Disclosure

Actual salary will be based on a variety of factors including but not limited to experience, geographic location, contract affordability, internal equity, education, and certifications. The upper end of the salary range may be reserved for individuals who have demonstrated tenure with the company, seniority, and proven excellent performance. This includes factors such as education, certifications, and extensive/unique experience beyond what is required.

EEO Statement

ValidaTek is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, protected veteran status, or disability status. Applicants who are selected for employment will be required to verify authorization to work in the United States. Offers of employment will be contingent upon passing a post-offer background check.