Security Architect

About The Position

Requirements

• Secret clearance required
• Bachelor’s or Master’s in Computer Science, Cybersecurity, or related field
• At least two of the following certs CCNP Enterprise, CISM, CISSP-ISSAP, CISSP-ISSEP, GCIA, GDSA, GICSP
• 8+ years of hands on-experience designing Zero Trust architectures
• 5+ years of experience of architecting security solutions in IL5/IL6 environments
• Deep understanding of DoW Zero-Trust Architecture
• Familiarity with Thunderdome, Flank Speed, ICAM and other various services
• Knowledge of DoDI 5000.75 and Architecture frameworks (e.g. TOGAF, Zachman, or DoDAF)

Nice To Haves

• Deep knowledge of Software Development Lifecycle (SDLC) methodologies spanning traditional waterfall and Agile frameworks, with hands-on experience in analysis, design, development, testing, and continuous delivery
• Understanding of supply chain security and Software Bill of Materials (SBOM)
• Professionalism, tact, and experience working with senior DoW leadership
• Ability to provide on-site support in the NCR, Monday through Friday.
• Certification in one or more industry cloud certifications (AWS SA-Professional, AZ-305, VMware VCIX-NV, or OCI Architect Professional)
• Experience with Security, Orchestration, Automation, and response (SOAR) solutions

Responsibilities

• Design and assess Zero Trust network architectures for Department of War (DoW) business systems.
• Create micro-segmentation strategies that protects data and maintains efficiency.
• Enhance security controls and implementation of RMF steps.
• Produce Security Assessment Reports.
• Navigate complex inheritance models for cloud and on-premises infrastructure environments.
• Embed security requirements into functional specifications during solution analysis.
• Evaluate commercial-off-the-shelf (COTS) and government-off-the-shelf (GOTS) against Zero-Trust principles and DoW standards.
• Develop cybersecurity strategies meeting Clinger Cohen Act (CCA) compliance.
• Create security test plans supporting development and operations.
• Assess security lifecycle requirements from acquisition to Full Operational Capability (FOC).
• Design disaster recovery and continuity architectures meeting demanding availability requirements.
• Document security impacts of new implementations for the organization’s overall risk posture.
• Implement DevSecOps pipelines with automated security testing and vulnerability remediation.
• Assess current security architecture effectiveness through evaluation and testing.
• Identify existing security gaps and opportunities for improvement.
• Other responsibilities and duties as assigned by the MMO and O&MPD Leadership.

Benefits

• Health, dental, and vision insurance
• Life insurance
• Short-and-long term disability
• Paid time off (PTO)
• 401k retirement plan with employer match
• Annual Professional Development Reimbursement Program