Cloud Network Security Architecture Manager (TIC 3.0)

About The Position

Requirements

• Bachelor’s degree or equivalent experience.
• 10+ years in cloud, network, or platform engineering within enterprise or federal environments.
• 3+ years leading AWS/Azure hybrid or multi cloud architectures.
• Experience supporting federally regulated cloud/network environments.
• Ability to support 24×7×365 TIC operations and incident response bridges.
• Strong knowledge of NIST 800 53/RMF, Zero Trust, TIC 3.0, FedRAMP, and continuous monitoring.
• Hands on experience with cloud networking, IAM/Entra ID, VPC/VNet design, SD WAN, DNS, NAT, and firewalls.
• Familiarity with IaC/automation (Terraform, CloudFormation/Bicep, Ansible) and CI/CD pipelines.
• Experience with Kubernetes/OpenShift architectures, observability tools, and log analytics/SIEM platforms.
• Ability to lead multi vendor/SIAM coordination, cross domain changes, and compliance remediation.
• Public Trust clearance required.

Nice To Haves

• AWS Solutions Architect – Professional
• Azure Solutions Architect Expert
• VMware Certified Professional
• CKA/CKAD or OpenShift Administrator
• Terraform Associate

Responsibilities

• Lead secure cloud and network architecture design across AWS, Azure, and VA enterprise environments.
• Oversee TIC 3.0 modernization, gateway operations, DNS filtering, SSL decryption, and IPS/IDS signature management.
• Manage security, compliance, and performance for multi cloud and hybrid network environments.
• Coordinate with engineering, cybersecurity, and operations teams to align solutions with VA policies and mission objectives.
• Communicate risks, technical impacts, and architecture decisions to leadership and stakeholders.
• Evaluate emerging technologies, conduct pilots, assess vendor solutions, and recommend modernization approaches.
• Provide Tier IV escalation support for cloud network security, gateway, and telecom issues.
• Produce security and TIC reporting, vulnerability summaries, and compliance updates.
• Oversee external connection approvals, VPN/BPE lifecycle, audits, and configuration reviews.
• Lead technical refresh, gateway redesign, and next generation TIC/gateway implementation.
• Mentor engineering staff and promote adoption of secure architecture practices.
• Support development of functional requirements, technical documentation, and test/validation plans.

Benefits

• Comprehensive benefits and wellness packages
• 401K with company match
• Competitive pay and paid time off
• Full flex work weeks where possible
• A variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave.
• Short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance