×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity

Data Security Architect, Zero Trust; TS​/SCI

Job in Tampa, Hillsborough County, Florida, 33646, USA
Listing for: Kentro
Full Time position
Listed on 2025-12-28
Job specializations:
  • IT/Tech
    Cybersecurity
Job Description & How to Apply Below
Position: Data Security Architect, Zero Trust (TS/SCI)

Thank you for considering IT Concepts dba Kentro, where innovation drives opportunity and collaboration leads to success. Our dynamic community of experts is fully committed to advancing our customers’ missions, fostering professional growth, and making a positive impact on our communities.

By joining our supportive community, you will find that Kentro is dedicated to your personal and professional development. Together, we can drive meaningful change, spark innovation, and achieve extraordinary milestones.

Kentro is hiring a visionary and authoritative Data Security Architect to serve as the lead technical authority for the USSOCOM Zero Trust Data Visibility, Labeling, and Governance program. As an architect within the Cross-Functional Integration Cell (CFIC), you will define the unified data security strategy that spans the Command’s entire Information Environment—from the hyperscale cloud capabilities of the NIPR network to the disconnected, on‑premise constraints of the SIPR and Air‑Gapped enclaves.

In this high‑visibility role, you will be responsible for defining the enterprise‑wide data taxonomy and formally adopting the NIST Internal Report 8112 metadata schema. You will move the Command beyond simple file tagging to a complex Attribute‑Based Access Control (ABAC) model, where access is brokered based on the pedigree, provenance, and verification status of user credentials. You will provide technical direction to the network‑specific execution teams, ensuring that the implementation of Microsoft Purview (NIPR), BigID (SIPR), and Kiteworks remains architecturally coherent and aligned with the DoD Zero Trust Strategy.

Responsibilities
  • Enterprise Architecture Strategy:
    Serve as the Technical Authority for the Data Pillar, defining the high‑level architecture for data discovery, classification, and protection across NIPR, SIPR, and Top Secret networks.
  • Metadata & Taxonomy Design:
    Define and enforce the enterprise data taxonomy and metadata schemas (specifically adhering to NIST 8112) to standardize how “Trust Attributes” (Pedigree, Verifier, Assurance Level) are ingested and utilized for ABAC decisions.
  • Cross‑Enclave Integration:
    Ensure architectural consistency between the cloud‑native NIPR stack (Microsoft Purview/Sentinel) and the on‑premise SIPR/Top Secret stacks (BigID, Kiteworks, Net App BlueXP), ensuring policy logic remains uniform even when tools differ.
  • ABAC & Identity Integration:
    Design the integration points between the Data Pillar and the ICAM Pillar, defining the requirements for how User Attributes from SailPoint and Entra  consumed by Policy Decision Points (PDPs) like Kiteworks and Purview.
  • Standards & Compliance:
    Lead the development of System Design Documents (SDDs) and validate that all architecture aligns with the USSOCOM Zero Trust Reference Architecture and DoD 8140/8570 compliance requirements.
Location

Onsite in Tampa, FL

Required Qualifications
  • Master’s degree (MA/MS) in Computer Science, Information Security / Cybersecurity, Information Systems, Data Science, or a closely related technical field
  • 15 years of relevant experience
  • Extensive experience acting as an Architect or Lead Engineer for large‑scale DoD or Federal enterprise security transformations.
  • Deep expertise in Zero Trust Architecture principles, specifically Data Object‑Level Protection (DOLP) and Attribute‑Based Access Control (ABAC).
  • Proven experience designing architectures that utilize Microsoft Purview (Information Protection/DLP) and Digital Rights Management (DRM) technologies (e.g., Kiteworks, Virtru).
  • Ability to design security solutions for Disconnected, Degraded, Intermittent, and Limited Bandwidth (DDIL) and air‑gapped environments.
Preferred Experience & Skills (Nice‑to‑Haves)
  • Experience with BigID for data discovery and Net App BlueXP for storage‑level classification.
  • Knowledge of NIST Internal Report 8112 (Attribute Metadata) and its application to identity‑centric security.
  • Background in supporting USSOCOM or Special Operations Forces (SOF) missions.
Certifications
  • Required:

    IAT III: CISSP‑ISSEP (Information Systems Security Engineering Professional) OR CISSP.
  • Preferred:
    One or more Cloud/Zero Trust…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search