Cyber Security Architect

📋 Description

• Oversee the design and execution of secure system architectures across various IL environments (IL2–IL5) in alignment with DoD and NIST guidelines.

• Establish and verify security requirements throughout the system lifecycle, encompassing hardware, software, and cloud elements.

• Perform risk assessments, security architecture evaluations, and threat modeling to detect and address vulnerabilities.

• Create and sustain architecture diagrams, data flow mappings, and control baselines for ATO documentation and ongoing monitoring.

• Apply Zero Trust principles, including segmentation, robust identity management, encryption, and telemetry integration.

• Assist in maintaining RMF accreditation artifacts (SSP, SAR, POA&M, etc.) and ensure traceability to implemented controls.

• Incorporate security automation and continuous compliance within DevSecOps pipelines utilizing tools such as Tenable ACAS, AWS Inspector, and Twistlock.

• Collaborate with network, platform, and application teams to ensure technical implementations adhere to cybersecurity policies and architecture standards.

• Establish and enforce data protection and key management solutions (KMS, TDE, PKI) within AWS GovCloud and hybrid setups.

• Facilitate vulnerability management, remediation tracking, and coordination of penetration testing.

• Stay informed about evolving DoD cyber policies, cloud standards, and emerging security technologies to proactively enhance security posture.

• Lead technical deep dives and architecture reviews for proposed modifications to ensure secure system progression.

• Contribute to incident response preparedness by ensuring forensic tools, audit logs, and alerting systems are operational.

• Offer guidance and mentorship to engineers and administrators on secure configuration management, encryption, and boundary protection.

⛳️ Requirements

• Comprehensive understanding of DoDI 8510.01 (RMF), NIST SP 800-53/171, and DISA STIG/SRG compliance frameworks.

• Proficiency in cloud security architecture and Zero Trust deployment.

• Experience with encryption standards, data loss prevention (DLP), and secure identity management (SAML, OAuth, MFA).

• Skilled in AWS GovCloud, container security, and Infrastructure as Code (IaC) security.

• Familiarity with network security principles, firewall architecture, VPNs, and segmentation.

• Knowledge of continuous monitoring tools such as Splunk, ELK Stack, CloudWatch, and GuardDuty.

• Background in supporting ATO/renewal efforts, POA&M closure, and security audit responses.

• Strong analytical, architectural, and documentation capabilities.

• Ability to assess technical designs for compliance and security effectiveness.

• Exceptional communication skills for conveying complex topics to both technical and non-technical audiences.

• Strong teamwork across development, cybersecurity, and program management teams.

• Dedication to proactive risk management and secure modernization.

• Preferred certifications: CISSP, CISM, or CompTIA Advanced Security Practitioner (CASP+); AWS Certified Security – Specialty; CompTIA Security+ CE (DoD 8570 baseline); Certified Cloud Security Professional (CCSP).

🏝️ Benefits

• Some travel may be necessary: Must possess a valid driver’s license and transportation.

• Equal Opportunity Employer.

• Commitment to Diversity and Inclusion.

• Opportunities for professional growth, well-being, and innovation.