Mid-Level Applied Security Architect

Koniag Government Services
Washington, DC
Hybrid

About The Position

Koniag Professional Services, LLC, a Koniag Government Services company, is seeking a Mid‑Level Applied Security Architect to support KPS and our government customer in Washington, DC. The position is hybrid and requires 3 days onsite. The candidate must be able to obtain a Public Trust. The Mid‑Level Applied Security Architect provides hands‑on cybersecurity architecture, control implementation, and compliance support for systems and workflows that enable the DOE Office of Technology Commercialization’s SBIR/STTR programs. This role helps design secure solutions for proposal intake/review platforms, data repositories, analytics/reporting tools, and collaboration environments; implements technical safeguards for sensitive information; and contributes to continuous monitoring activities. The architect partners with senior security leadership, program managers, IT teams, reviewers, and contractors to translate requirements into practical, auditable controls that advance DOE’s mission while protecting program data.

Requirements

  • Bachelor’s degree in computer science, information security, engineering, or a related field.
  • 4–6 years of experience in cybersecurity engineering/architecture, security operations, or compliance in federal or regulated environments.
  • Practical experience implementing controls for cloud and hybrid systems (identity, encryption, logging, least privilege, hardening).
  • Hands-on familiarity with SIEM/monitoring tools, vulnerability scanners, endpoint protection, and configuration management.
  • Strong understanding of protecting sensitive data (e.g., proposal content, PII) and operationalizing privacy/security requirements.
  • Clear written and verbal communication skills for technical documentation, diagrams, and leadership briefings.
  • Demonstrated ability to collaborate with cross-functional teams and deliver secure solutions on schedule.
  • U.S. citizenship and ability to meet federal suitability requirements if needed.

Nice To Haves

  • Experience supporting DOE SBIR/STTR or other federal research/innovation programs.
  • Working knowledge of federal cybersecurity frameworks and standards (e.g., NIST SP 800 series, FISMA), zero trust principles, and control baselines.
  • Exposure to FedRAMP-aligned cloud environments and securing SaaS platforms used for collaboration, workflow, and data analytics.
  • Certifications such as Security+, SSCP, CySA+, CCSP, or GIAC (e.g., GSEC, GCSA); progress toward CISSP or CISM is a plus.
  • Familiarity with secure DevSecOps practices, automation, infrastructure as code, and compliance as code concepts.
  • Background or interest in energy technologies or scientific R&D environments.

Responsibilities

  • Design, document, and implement security controls across SBIR/STTR systems (cloud, on-prem, and hybrid), aligned with program requirements.
  • Support development of secure architectures for applicant portals, proposal review workflows, data pipelines, and reporting dashboards.
  • Configure and maintain identity and access management (IAM), role-based access, least-privilege settings, and privileged access management.
  • Implement data protection safeguards (encryption at rest/in transit, key management, DLP policies, secure file transfer, tokenization where needed).
  • Contribute to vulnerability management and secure configuration baselines; perform assessments, track remediation, and update POA&Ms.
  • Assist with logging/telemetry design and SIEM use cases; tune alerts, create dashboards, and support continuous monitoring.
  • Participate in risk assessments and threat modeling for new features, integrations, and vendor tools supporting SBIR operations.
  • Draft and maintain technical procedures, configuration standards, and build/run books that codify secure operational practices.
  • Support compliance documentation (control narratives, diagrams, evidence collection) and ATO package preparation under senior guidance.
  • Coordinate with stakeholders to ensure security requirements are embedded early (secure-by-design) and do not impede mission delivery.
  • Contribute to incident response readiness (playbooks, tabletop exercises, post-incident reviews) and implement corrective actions.
  • Recommend pragmatic process improvements that strengthen security posture and user experience across the program.

Benefits

  • health, dental and vision insurance
  • 401K with company matching
  • flexible spending accounts
  • paid holidays
  • three weeks paid time off