OverviewResponsibilities
- Architect and implement security solutions aligned with federal mission objectives across defense, intelligence, and civilian agencies.
- Design secure systems compliant with federal frameworks, including the NIST Risk Management Framework (RMF) and FedRAMP.
- Lead security initiatives in classified, Controlled Unclassified Information (CUI), and high-security environments.
- Integrate advanced security controls into existing enterprise architectures and legacy government systems.
- Define and enforce security governance, risk management, and responsible data practices in accordance with federal guidelines.
- Collaborate with cybersecurity teams, program managers, and mission stakeholders to navigate the Authority to Operate (ATO) process.
- Guide secure cloud-based deployments in GovCloud environments (AWS GovCloud, Azure Government).
- Oversee DevSecOps pipelines with a focus on auditability, traceability, and compliance.
- Support proposal development, technical volumes, and security architecture for new contract bids.
Qualifications
- Bachelor’s degree in Cybersecurity, Computer Science, or a related field.
- Experience: 8+ years in cybersecurity or software engineering, with 3–5+ years specifically architecting security solutions in government environments.
- Expertise: Strong background in secure system design and compliance-driven architecture.
- Environment: Experience working in Agile and/or DevSecOps environments.
Preferred Certifications
- Federal & Security: CISSP (Certified Information Systems Security Professional), CCSP (Certified Cloud Security Professional), or CompTIA Security+.
- Cloud: AWS or Azure Security/Solutions Architect certifications (GovCloud experience preferred).
- Architecture: TOGAF or similar frameworks.
Technical Skills & Regulatory Expertise
- Frameworks: Deep familiarity with FISMA, NIST 800-53, and DoD 8570 / 8140.
- Cloud Security: Knowledge of FedRAMP Moderate/High baselines and secure data handling for CUI.
- Security Architecture: Expertise in Zero Trust Architecture (ZTA) and microservices security in zero-trust environments.
- Infrastructure: Experience with containerization (Docker, Kubernetes) in secure clusters and securing data platforms like Databricks or Spark.
Clearance Requirement
- Active security clearance (Secret or Top Secret) or eligibility to obtain one.