Cloud Security Architect - Senior

About The Position

Requirements

• Expert knowledge of cloud security architecture, secure cloud design patterns, cybersecurity frameworks, compliance controls, and federal cloud security requirements.
• In-depth knowledge of cloud service providers such as AWS, Microsoft Azure, and Google Cloud, including secure service selection, configuration, and governance considerations.
• Strong understanding of DoD SRG, FedRAMP, DISA requirements, Zero Trust principles, and security control implementation in Government or secure IT environments.
• Expertise in information security technologies, countermeasures, network security policies, vulnerability management, incident response, and risk assessment practices.
• Strong understanding of network architecture, network protocols, application development methodologies, data privacy, and cloud infrastructure security.
• Ability to analyze security systems, identify weaknesses, assess threats, and continuously recommend improvements to security posture.
• Ability to think adversarially, anticipate attack paths, and design practical controls that reduce exploitability and operational risk.
• Strong problem-solving, analytical, and technical judgment skills in complex cloud, cybersecurity, and compliance environments.
• Excellent written and verbal communication skills, with the ability to explain complex security, architecture, and compliance concepts in an understandable manner.
• Ability to collaborate across technical, cybersecurity, program management, and Government stakeholder terms to align architecture decisions with mission objectives.
• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, Cloud Computing, Engineering, or a related field; Master's degree preferred.
• 10+ years of experience developing, implementing, securing, or managing cloud environments, particularly in a government, federal, defense, or secure IT setting.
• Demonstrated experience developing cloud security architectures, security policies, control frameworks, compliance artifacts, or secure deployment patterns.
• Experience supporting cybersecurity compliance, security audits, vulnerability management, incident response, risk assessments, and continuous monitoring activities.
• DoD Secret Security Clearance.

Nice To Haves

• Cloud architecture or security certifications preferred, such as AWS Certified Solutions Architect, Google Cloud Professional Cloud Architect, Microsoft Azure Solutions Architect Expert, Certified Cloud Security Professional (CCSP), or similar.
• Experience working with cloud engineering, DevSecOps, application, infrastructure, cybersecurity, and Government stakeholder teams preferred.

Responsibilities

• Define and govern secure cloud security architectures by selecting and approving DoD SRG- and FedRAMP-compliant services for MC&FP cloud environments.
• Develop security architectures, control frameworks, policy artifacts, and technical patterns aligned with DISA, DoD, FedRAMP, and applicable federal cybersecurity requirements.
• Establish and mature Zero Trust security patterns across cloud environments, including identity, access, segmentation, monitoring, data protection, and compliance enforcement considerations.
• Provide architectural direction for DevSecOps integration, vulnerability assessment scope, security compliance enforcement, and secure cloud deployment practices.
• Collaborate with IT, cybersecurity, cloud engineering, and program teams to ensure cloud architectures follow strict security protocols and mission requirements.
• Develop, implement, and maintain cloud security policies, protocols, procedures, standards, and governance artifacts.
• Assess existing security measures, cloud configurations, network security controls, and application security practices, and recommend enhancements to reduce cyber risk.
• Monitor security vulnerabilities, cyber threats, network traffic, and unusual activity affecting cloud infrastructure, data, and mission systems.
• Conduct security audits, risk assessments, control reviews, and compliance assessments, and prepare audit reports and leadership-level findings.
• Support incident response activities, including investigation, containment support, root cause analysis, and post-event analysis of cybersecurity incidents.
• Update security measures as necessary to protect data, systems, applications, infrastructure, and sensitive information from unauthorized access or compromise.
• Provide security training, technical guidance, and architectural recommendations to colleagues, stakeholders, and leadership.