Cybersecurity Architect (DoD / Cloud Security)

About The Position

Requirements

• Active Secret clearance (required).

Nice To Haves

• Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, or a related field.
• Eight or more years of cybersecurity experience, including experience supporting DoD or Federal systems.
• Hands-on experience securing cloud environments in AWS GovCloud and Microsoft Azure / Azure Government.
• Demonstrated experience using eMASS to manage RMF lifecycle activities and authorization packages.
• Strong experience with SIEM and SOAR platforms, ACAS scanning, and STIG compliance.
• Working knowledge of NIST SP 800-53, Zero Trust architecture principles, and DevSecOps security practices.
• One or more cybersecurity certifications required, including CISSP, CCSP, CISM, and CASP+ / SecurityX.

Responsibilities

• Lead cybersecurity architecture for a DoD cloud-based system operating in a regulated environment across the full cybersecurity lifecycle, including, but not limited to, security planning, architecture and design, implementation, authorization, continuous monitoring, incident response, and sustainment.
• Design, implement, and govern cybersecurity controls aligned with DoD RMF, the Cybersecurity Risk Management Construct (CSRMC), and Continuous Authority to Operate (cATO) principles.
• Architect and secure cloud environments in AWS GovCloud and Microsoft Azure / Azure Government, including, but not limited to, identity management, network security, encryption, logging, monitoring, and configuration management.
• Design and mature Zero Trust Architecture across identity, device, network, application, data, and visibility layers in alignment with DoD Zero Trust guidance.
• Lead continuous monitoring activities, including ACAS scanning, STIG compliance, configuration validation, vulnerability identification, and remediation tracking.
• Architect, integrate, and tune SIEM and SOAR capabilities, including, but not limited to, centralized log aggregation, real-time threat detection, automated response workflows, and coordination with security operations teams.
• Integrate security controls into DevSecOps and CI/CD pipelines, including, but not limited to, SAST, DAST, dependency scanning, container security, and policy-as-code automation.
• Perform security risk assessments and translate technical findings into risk-based recommendations for system owners, program leadership, and Authorizing Officials.
• Manage Plans of Action and Milestones (POA&Ms) through closure and track remediation progress in accordance with mandated timelines and risk tolerance.
• Prepare, review, and maintain cybersecurity and authorization artifacts in eMASS, including, but not limited to: System Security Plans (SSPs) Security Assessment Reports (SARs) Plans of Action and Milestones (POA&Ms) Control implementation narratives and supporting evidence packages
• Partners with engineering, cloud, and operations teams to embed security by design, improve system resilience, and reduce operational risk.
• Support cybersecurity audits, inspections, and Cyber Operational Readiness Assessments (CORA), ensuring audit-ready documentation, traceability, and evidence integrity.
• Assist in the Discovery Phase activities of gathering user requirements, business analysis, legacy system analysis, Epic/Story creation, external data integration planning, and product backlog management.

Benefits

• medical, dental, and vision insurance
• life and disability insurance
• 401(k) plan with employer match
• paid holidays
• PTO (sick/vacation)
• commuter benefits
• employee assistance program (EAP)
• educational reimbursement
• Pet Insurance