Cybersecurity and Digital Resilience Solutions Architect

Position Summary:

As a central part of its national security strategy, the U.S. government is investing in protecting the critical infrastructure of our allies globally. In support of this strategy and building on our 25 years as a leader in global threat reduction, CRDF Global is implementing large-scale cybersecurity programs in crucial geostrategic regions across Europe & Eurasia (including Ukraine, Moldova, the Western Balkans, the Caucasus region, and Central Asia). CRDF Global is seeking a Cybersecurity and Digital Resilience Solutions Architect to serve as a thought leader and solution architect to support the organization in delivering effective, adaptive, and innovative Cybersecurity and host country capacity building programming in Europe and around the world.   This position will require deployment to Kyiv, Ukraine and extensive travel throughout Ukraine.

The ability to communicate effectively and to interact with subject matter experts in the government, academic, non-profit, and private sectors is essential. The ideal candidate will have spent 8-10 years in progressively more responsible technical positions, and will have transitioned into project and program management, design, and solutioning. 

Major Responsibilities: 

This position most closely maps to the following NIST/NICE Cybersecurity Workforce Framework (SP 800-181r1) work roles to ensure alignment with U.S. government workforce frameworks while being tailored to Ukraine’s digital resilience environment; (1) Security Architect (SP-ARC-001) – designing security systems/architectures, (2) Program Manager (OV-PMA-001) – overseeing cybersecurity strategy/programs, (3) Cyber Policy & Strategy Planner (OV-SPP-002) – developing and aligning policies., (4) Cyber Defense Analyst (PR-CDA-001) – conducting threat and risk analysis., and (5) Cyber Defense Incident Responder (PR-CIR-001) – advising on incident planning.

Assessment, Analysis and Strategy Development

• Conduct landscape and risk assessments: Identify, evaluate, and prioritize beneficiary digital and cybersecurity needs and matching solutions, including risk assessments, that will have a positive impact on national, domain, organizational and individual awareness and resilience capabilities. 
• Consult and advise: Provide guidance to beneficiaries on digital and cyber security assessment, best practices, security frameworks (e.g., NIS2, ISO, NIST), and regulatory compliance (e.g., GDPR, DSA).
• Architect and Design: Ability to significantly contribute to the architect and design of Resilience Architectures and Ecosystems through the elicitation, assessment, definition and design of needed capabilities, functionality and capacity across end user domains.

Security Strategy and Policy Development

• Strategic planning: Work with stakeholders to align cybersecurity strategy with business objectives, ensuring both short-term and long-term goals are met.
• Create security policies: Support beneficiaries as they develop comprehensive cybersecurity policies and guidelines that establish standards for secure system design, data handling, and operations in their organizations.
• Capacity Building and Change Management: 
• Contribute to wider capacity and change diagnostics and program design.
• Integrate and embed functional and technical change requirements into wider change plans to form holistic capacity building solutions. 
• Lead Ukraine-focused cybersecurity training, tabletop exercises, and simulations aligned with NICE work roles.
• Integrate cyber workforce development pipelines for Ukraine’s government and academic institutions.
• Mentor Ukrainian counterparts in adopting U.S. and EU standards and building institutional resilience.

Demonstrated technical fluency in, and the ability to contribute to, one or more of the following areas of expertise:

• Compliance and Regulatory Management: Recommend security practices to the beneficiary that comply with industry standards, regulatory requirements, and laws (e.g., PCI DSS, DSA, GDPR). Help prepare beneficiaries for security audits by reviewing their documentation and confirming their systems are compliant with internal and external standards. Guide entities in preparing for NIST, ISO 27001, GDPR, PCI DSS, and Ukraine’s NCCIR audits.
• Security Solution Integration: Assist with the identification of security technologies (e.g., firewalls, intrusion detection/prevention systems, encryption solutions, identity management systems) to protect the beneficiaries’ assets and recommend sustainable solutions. Recommend vetted, non-Russian/non-Chinese technologies (e.g., U.S. and EU-origin).
• Incident Response Planning: Developing incident response plans: Help beneficiaries Create (or improve) and implement plans for responding to security incidents and breaches.  Support ministries and CI operators in designing NIST SP 800-61R2 incident response plans.
• Designing Security Architectures: Create secure architectures and frameworks that align with the beneficiaries’ goals while ensuring the integrity, confidentiality, and availability of information systems and assess system requirements.
• Threat Assessments: Understand potential attack vectors, vulnerabilities, and adversary tactics to design defensive measures that may be unique to individual beneficiaries. Mitigate vulnerabilities: Recommend solutions that mitigate vulnerabilities.  Analyze evolving Russian and hybrid cyber tactics targeting Ukraine; advise on defense-in-depth strategies.

REQUIREMENTS:

• Established international knowledge and relationship network, with emphasis on Ukraine, and exposure to Eurasia, with a demonstrated track record in international donor programs in Ukraine.
• Demonstrated knowledge of, and interest in, current digital and cybersecurity policies, trends, issues and challenges in a global context, including threat actors, recent vulnerabilities and breaches of note, mitigation strategies, and security policy frameworks.
• Strong conceptual skills combined with the ability to take ambitious ideas and to break them into manageable, specific sets of objectives in order to plan and successfully implement creative, ambitious organizational change strategies relevant to and effective in a complex, multinational organizational setting.
• Demonstrated ability and track record in strategic, holistic and systemic thinking, managing resistance to change and understanding of organizational culture, learning and change Experience in solution design/proposal development and budgeting.
• Advanced conversation and presentation skills that can influence senior decision makers.
• Excellent written and oral communication skills, including the ability to engage and influence a wide range of individuals from varied backgrounds at all levels within their organizations Management.
• Bachelor’s degree in computer science or related field.
• 12+ years of progressively responsible work experience in information security/cybersecurity or a related field in support of government clients.
• Fluency in spoken and written English, Ukrainian. 
• Familiarity with industry standards and frameworks (NIST, ISO 27001, etc.).
• Strong analytical skills and the ability to understand offensive and defensive cybersecurity measures.
• Expertise in risk management. 
• Knowledge of compliance and regulatory frameworks (e.g., GDPR, DSA, PCI DSS).
• Be willing and able to travel extensively in Ukraine and limited amount internationally.

PREFERRED:

• Master’s degree. 
• Experience with Assessing, advising and implementing in a developing country context strongly preferred.
• Industry Professional certifications (CISSP, CISM, CEH, ISO 27001 Lead Auditor, NIST CSF Practitioner).
• Experience of international development programming, particularly in the European Union.  
• Proficiency in other relevant European languages.
• Demonstrated track record in international donor programs in Eurasia and/or Africa.

CRDF Global offers a competitive salary and benefits package.

CRDF Global is an Equal Opportunity Employer (EOE). CRDF Global provides equal employment opportunities to all qualified applicants without regard to race, ethnicity, religion, sex, sexual orientation, gender identity, national origin, protected veteran, age, or disability status.