GRC Process Architect

About The Position

Requirements

• U.S. Citizen required
• 5+ years of experience in IT or information security engineering or architecture
• Strong knowledge of security principles
• Strong knowledge of Microsoft cloud services (e.g., Azure Active Directory, Azure IaaS/PaaS, Office 365)
• Strong understanding of secure web application network protocols (HTTP(S), TLS, SFTP, etc.)
• Understanding of the OWASP Top 10 application security risks and its mitigations
• 5 years of experience in cloud security, application security, and/or network security

Nice To Haves

• 5+ years direct architectural experience
• Prior experience performing ongoing maintenance and operations of security technologies (e.g. management of firewalls, IDS/IPS, endpoint security, etc)
• Knowledge of US security requirements related to regulations/standards such as NIST SP 800-171, 800-53, RMF, ISO 27001, SOX, etc.
• Experience using Agile within project or development teams
• Certifications: CISSP, CISSP-IASSP, CISM, SSCP, SANS GIAC (e.g. GCIA, GCIH, GPEN), CASP, CCNP Security
• An active security clearance or the ability to obtain one may be required for this role

Responsibilities

• Proactively assessing organizational security architecture against NIST CSF, MITRE ATT&CK, and other relevant security frameworks to identify large‑scale architectural gaps.
• Performing threat modeling across systems, applications, and business processes to uncover systemic risks and drive early remediation.
• Designing and building new security processes, patterns, and guardrails that enable secure and scalable technology adoption.
• Collaborating across IT and engineering teams to embed secure architecture principles and influence strategic technical decisions.
• Map organizational architectures, capabilities, and controls to NIST CSF, MITRE ATT&CK, and other cybersecurity frameworks to identify strengths, gaps, and improvement opportunities.
• Perform threat modeling activities to evaluate proposed or current designs, identify attack paths, and guide teams toward resilient architecture.
• Identify enterprise‑level security architecture gaps and propose scalable, actionable remediation strategies.
• Design, implement, and mature repeatable security processes, architecture standards, and reusable security patterns.
• Participate early in IT and business solution design to provide proactive architectural guidance and ensure alignment with secure‑by‑design principles.
• Communicate technical and architectural needs to key stakeholders by translating complex technical concepts into clear, digestible, and actionable information.
• Collaborate with Agile, DevOps, and engineering teams to embed secure development practices and escalate architecture concerns when necessary.
• Validate software, platform, and cloud architectures for adherence to modern security best practices and recommend architectural improvements.
• Translate business needs, technical requirements, and regulatory obligations into clear and actionable security architecture requirements.
• Act as a trusted advisor to technology teams, enabling secure solution design and promoting adoption of enterprise security controls.
• Collaborate with peer architects and security practitioners to share best practices, strengthen architectural maturity, and ensure consistency across the enterprise.
• Monitor emerging technologies, evolving threats, and industry trends to ensure architectural strategies remain relevant, proactive, and resilient.
• Stay up‑to‑date on the state of enterprise IT and security tools, trends, and processes.
• Evaluate AI‑driven systems and integrations for security risks, ensuring responsible use of AI technologies and incorporating secure‑by‑design principles into AI‑related architectures.

Benefits

• Accenture Federal Services offers a wide variety of benefits.