State of Maryland

A Department of Information Technology (DoIT) Enterprise Architect is a managerial level of work in the Office of Security Management (OSM) and performs oversight, management, and implementation of Special Security Projects. These projects may include any and all activities related to cybersecurity, such as penetration testing, incident response, red-team exercises, security evaluations, operational support, planning support, table-top exercises, and tiger-team support. Positions in this classification do not supervise lower-level positions. 

Employees in this classification receive managerial supervision from the State Chief Information Security Officer (SCISO) or another designated administrator.

Position placement in this classification is determined by the Classification Job Evaluation Methodology. The use of this method involves comparing the assigned duties and responsibilities of a position to the job criteria found in the Nature of Work and Examples of Work sections of a classification specification. 

Defines and prioritizes essential system capabilities or business functions required for partial or full system restoration after a catastrophic failure event;

Defines appropriate levels of system availability based on critical system functions and ensures that system requirements identify appropriate disaster recovery and continuity of operations requirements to include any appropriate fail-over/alternate site requirements, backup requirements, and material supportability requirements for system recover/restoration;

Develops/integrates cybersecurity designs for systems and networks with multilevel security requirements or requirements for the processing of multiple classification levels of data primarily applicable to government organizations (e.g., UNCLASSIFIED, SECRET, and TOP SECRET);

Documents and addresses organization's information security, cybersecurity architecture, and systems security engineering requirements throughout the acquisition life cycle;

Employs secure configuration management processes;

Ensures that acquired or developed system(s) and architecture(s) are consistent with organization's cybersecurity architecture guidelines;

Identifies and prioritizes critical business functions in collaboration with organizational stakeholders;

Performs security reviews, identify gaps in security architecture, and develops a security risk management plan;

Provides advice on project costs, design concepts, or design changes;

Provides input on security requirements to be included in statements of work and other appropriate procurement documents;

Provides input to the Risk Management Framework process activities and related documentation (e.g., system life-cycle support plans, concept of operations, operational procedures, and maintenance training materials);

Defines and documents how the implementation of a new system or new interfaces between systems impacts the security posture of the current environment;

Analyzes candidate architectures, allocate security services, and selects security mechanisms;

Develops system security context, a preliminary system security Concept of Operations (CONOPS), and define baseline system security requirements in accordance with applicable cybersecurity requirements;

Evaluates security architectures and designs to determine the adequacy of security design and architecture proposed or provided in response to requirements contained in acquisition documents;

Writes detailed functional specifications that document the architecture development process;

Analyzes user needs and requirements to plan architecture;

Develops enterprise architecture or system components required to meet user needs;

Determines the protection needs (i.e., security controls) for the information system(s) and network(s) and document appropriately;

Translates proposed capabilities into technical requirements;

Assesses and designs security management functions as related to cyberspace;

Performs other related duties.

Class Descriptions are broad descriptions covering groups of positions used by various State departments and agencies. Position descriptions maintained by the using department or agency specifically address the essential job functions of each position.

Class Descriptions provide information about the Nature of Work, Examples of Work, General Requirements and Acknowledgements. The Required Knowledge, Skills, and Abilities; Minimum Education and Experience Requirements; Special Requirements; and recruitment and testing procedures are set by the using agency.

This is a Management Service classification in the State Personnel Management System. All positions in this classification are Management Service positions.

This classification is not assigned to a bargaining unit, as indicated by the designation of S (Supervisor), M (Manager), T (Agency Head), U (Board or Commission Member), W (Student), X (Used by Agency or Excluded by Executive Order), or Z (Confidential). As provided by State Personnel and Pensions Article, Section 3-102, special appointment, temporary, contractual, supervisory, managerial and confidential employees are excluded collective bargaining. Additionally, certain executive branch agencies are exempt from collective bargaining and all positions in those agencies are excluded from collective bargaining.