Lead, IT Architect

About The Position

Requirements

• Active US Secret security clearance
• Bachelor’s Degree in computer science, Information Technology, or related degree and minimum 9 years of prior relevant experience.
• Graduate Degree in computer science, Information Technology, or related degree and a minimum of 7 years of prior related experience.
• In lieu of a degree, minimum of 13 years of prior related experience.
• DoD 8570 Compliant (At least certified in CompTIA Security+ CE)

Nice To Haves

• Active Top Secret clearance with current 5 year update.
• Experience with Linux in an enterprise setting (i.e., RHEL, CentOS, Fedora)
• Experience with scripting and/or automation (i.e., Bash, Python, Ansible, etc.)
• Experience with Windows in an enterprise setting (i.e., Server 2019, Exchange, MDT/WDS)
• Experience with VMware in an enterprise setting (i.e., vSphere, vCenter, vSAN)
• Experience with network storage solutions (i.e., SAN/NAS, NetApp, MSA, iSCSI, FCP)
• Experience with industry frameworks and methodologies: ITIL/Agile/Scrum/DevOps/SRE
• Experience with designing and administering VMWare infrastructure
• Experience with Cisco routing and switching environments, including network topology design, VLAN configuration, and virtualization integration
• Experience with SIEM tools (i.e. Splunk)
• Experience with Tenable.SC deployment & configuration
• Experience with PDQ Deploy and Inventory Windows patch management tool

Responsibilities

• Execute duties with minimal to no oversight, proactively identifying and improving areas of deficiency
• Ensure compliance with IT system administration, security, and regulatory standards (JSIG, NIST 800 series, DoD Manuals Vol. 1–4)
• Support system design, engineering enhancements, and process improvements across environments
• Assist in planning, developing, and implementing automation solutions and workflows
• Monitor, track, and present technical performance metrics for IT systems
• Analyze system capacity and performance to align with operational requirements
• Collaborate with development teams to assess and plan for future growth and scalability
• Maintain and support IT systems, ensuring stability, availability, and security
• Present technical designs and participate in design reviews with stakeholders
• Contribute to proposal efforts, including both technical input and cost considerations
• Lead the design and implementation of enterprise security architectures aligned with the Joint Special Access Program Implementation Guide across classified and unclassified environments
• Architect end-to-end vulnerability management strategies leveraging Tenable Security Center, including scan architecture, data flows, and remediation pipelines
• Define and enforce enterprise STIG compliance frameworks using Security Technical Implementation Guides across Microsoft Windows and Red Hat Enterprise Linux platforms
• Establish secure system baselines and gold images, ensuring consistency across on-prem, virtualized, and hybrid infrastructures
• Serve as technical authority for risk management and accreditation, guiding systems through RMF and ATO processes with full lifecycle ownership
• Design and oversee Plan of Action and Milestones (POA&M) strategies, ensuring vulnerabilities are prioritized, tracked, and remediated in alignment with mission risk
• Develop architecture patterns that integrate security controls, logging, and monitoring, leveraging platforms such as Splunk Enterprise for enterprise visibility
• Translate vulnerability and compliance data into actionable risk decisions, briefing leadership and stakeholders at the program and enterprise level
• Architect automated remediation frameworks using Ansible, Bash, and PowerShell to enforce compliance at scale
• Define and implement continuous monitoring strategies, integrating scan data, system telemetry, and configuration drift detection
• Lead security architecture reviews, design approvals, and control validations for new and existing systems
• Provide guidance on infrastructure modernization and secure system design, including hardware refresh cycles and platform standardization
• Ensure systems are designed to meet audit readiness and inspection requirements, including DISA assessments and compliance inspections
• Architect identity and access management models, including privileged access controls, RBAC, and auditing mechanisms
• Design secure network architectures, including segmentation, boundary defense, and secure communications aligned with DoD requirements
• Collaborate with engineering, operations, and cybersecurity teams to ensure security is embedded in system lifecycle (DevSecOps)
• Establish and maintain technical documentation, reference architectures, and security design standards
• Provide technical leadership to engineers and analysts performing STIG implementation, vulnerability remediation, and compliance validation
• Support program stand-up efforts, defining secure architectures from initial design through operational deployment
• Evaluate and integrate emerging technologies into the enterprise while maintaining strict compliance and risk posture