Enterprise Security Architect

Zolon Tech, Fort Meade, MD
54d, Onsite

About The Position

The Enterprise Security Architect provides architectural leadership and end-to-end security design for the DMA SOC and AFPIMS enterprise. This role is responsible for defining the overall security technology roadmap, evaluating cybersecurity platforms, aligning designs to RMF Rev 5 and DoD CSSP requirements, and ensuring secure integration across Palo Alto firewalls, Trellix/XDR, SIEM/Splunk, identity platforms, cloud services, and endpoint assets. The Architect partners closely with the SOC Lead, ISSM/ISSO, network engineers, cloud engineers, and ATO/RMF teams to ensure a strong integrated security posture. This position will directly support the stand-up of enterprise SOC services, logging architecture, threat detection strategy, and Zero-Trust principles.

Requirements

  • 8+ years designing enterprise cybersecurity architectures.
  • Expert knowledge of modern SOC technologies: Splunk SIEM, EDR/XDR (Trellix or similar), firewalls (Palo Alto), ZTNA, data security/cloud logging.
  • Strong understanding of: NIST CSF, RMF (NIST 800-53 Rev 5), Zero Trust Architecture (ZTA), DoD CSSP requirements.
  • Demonstrated experience building cyber operational architectures for large enterprises.
  • In-depth knowledge of: network security segmentation, log pipelines, dataflow analysis, identity & access management.
  • Ability to write technical documentation, diagrams, and design artifacts (Visio, Lucid, etc.).
  • Excellent communication skills for technical + executive audiences.

Nice To Haves

  • Experience in DoD environments / classified environments.
  • Prior SOC build-out experience.
  • Experience supporting RMF ATO packages and eMASS workflows.
  • Understanding of DevSecOps, CI/CD, SOAR, and cloud automation.
  • Familiarity with AWS GovCloud, container platforms (K8s), and CDNs.
  • Experience supporting CSSP and CORA audit needs.
  • Scripting ability (Python, PowerShell).
  • Certifications (Highly Preferred): CISSP (strongly preferred), CCSP, GIAC (e.g., GDSA, GCCC, GSEC, GCIA, GCED), AWS Security, Palo Alto CNSE/PCNSE, DoD 8140/8570 IAM-III / IAT-III eligible.

Responsibilities

  • Architect end-to-end security solutions supporting SOC operations, IR workflows, and hunt capability.
  • Define security architecture reference models for AFPIMS and supporting DMA systems.
  • Lead design and integration of: SIEM (Splunk), EDR/XDR (Trellix), network security (Palo Alto), cloud logging pipelines (AWS GovCloud), Zero Trust services & identity.
  • Develop security standards, configuration baselines, and integration patterns.
  • Build logging, telemetry, and retention strategies aligned with DoD compliance.
  • Define detection and monitoring strategy using Splunk, EDR, firewall events, and threat intel feeds.
  • Work with engineering teams to improve SOC visibility/coverage.
  • Perform platform evaluations, tool selection, and trade studies.
  • Support RMF Rev 5 ATO activities, including: Security architecture diagrams, Control inheritance mapping, System boundary definition & overlays
  • Oversee design for automated security pipelines, SOAR workflows, and threat analytics platforms.
  • Create system security architectures that support the principles of Zero Trust.
  • Coordinate with ISSM/ISSO to ensure compliance with DoD policies, STIG, IAVM, and POA&M activities.
  • Develop and maintain documentation, including: Security Architecture Docs (SAD), CONOPS, IR workflows, dataflows/integration maps.
  • Provide technical guidance during security incidents & major outages.
  • Mentor operations, engineering, and SOC analysts.

What This Job Offers

Job Type

Full-time

Career Level

Mid Level

Education Level

No Education Listed

Number of Employees

251-500 employees
