SECURITY ARCHITECTURE & ENGINEERING SME

About The Position

Requirements

• High level of attention to detail, needs minimal guidance, effective verbal, and written communications.
• Adept at both the strategic and operational/technical level.
• Able to adapt to new and changing requirements / priorities and manage work accordingly.
• At least 5 years (preferred 10 years) of network, systems, applications experience, in areas such as:
• LAN/WAN, WAF/CDN/DDOS, Network Firewalls, IDS/IPS, Virtualization, hypervisor security, container security, Application development, serverless security, microservices, CICD.
• At least 5 years of designing and/or implementing security in Cloud environments (AWS and Azure; GCP is also preferred but not required). Operational experience with the following is preferred.
• Multi-Cloud, Hybrid Cloud, IaaS, PaaS, SaaS, shared responsibility model.
• AWS Security Hub, Audit Manager, Config., Guard Duty, CloudTrail, CloudWatch, Lambda.
• Azure E3/E5, AD, Blob, Azure Security Center, Key Vault, SSE, Monitor, Log Analytics, Policy.
• Experience with DevSecOps strategy and implementation and designing architecture in accordance to RMF, CSF, FISMA, and Fedramp.
• Knowledge of ZTA and SASE Framework, ICAM (OKTA), CWPP, SOC Operations, Vulnerability Threat Management, and Compliance.
• Candidate must have a Bachelor of Science (or higher) in one of the following:
• Engineering, Computer Science, Information Technology (IT), Cybersecurity, or a similar technical field.
• The resume may reference another major, so long as the resume is clear that the degree addressed at a minimum one of the following: cyber security engineering, systems administration, information systems security, software development security, systems engineering, information systems or IT.
• The candidate must have a: Certified Information Systems Security Professional (CISSP), and
• At least one of the following, or equivalent:
• Certified Cloud Security Professional (CCSP), AWS Certified Solutions Architect Associate, AWS Certified Security Specialist, Microsoft Azure Solutions Architect,Google Professional Cloud Architect.
• Minimum Background Investigation

Responsibilities

• Develop, maintain, and evolve the Enterprise Security Reference Architecture (ESRA).
• Provide architectural input to the organization's Cybersecurity Roadmap and Strategy, addressing: o Continuous ATO (cATO) and automated control testing maturity.
• Cloud security standards, compliance, and improvements to ATO timelines.
• Cloud monitoring, detection, response, and security operations.
• Privacy, continuous monitoring, and vulnerability assessment modernization.
• Integration of security scanning into cloud pipelines.
• Implementation of EO 14028 (ZTA) and SCRM requirements.
• Architect and implement continuous monitoring pipelines for automated evidence collection (SIEM, XDR, scanners, cloud APIs, CI/CD).
• Develop and manage OSCAL profiles, inheritance models, and evidence data contracts.
• Integrate telemetry and evidence into AO‑grade dashboards.
• Support ATO intake, assessment workflows, and vulnerability scanning processes.
• Conduct RMF‑aligned security reviews for compliance and best practices.
• Develop security architectural patterns that expedite ATO by pre‑meeting control requirements.
• Collaborate with the Cybersecurity Authorizations & Compliance Branch to design systems supporting cATO, reduce ATO processing times, provide data‑call responses, and participate in working groups.
• Design and deploy native cloud security services across AWS, Azure, and Google Cloud.
• Lead the development of enterprise cloud security blueprints, including security in Infrastructure‑as‑Code (IaC) templates.
• Conduct proofs‑of‑value for cloud‑native, COTS, third‑party, or open‑source security tools.
• Provide security architecture input for DevSecOps strategy, including vulnerability scanning, automated assessments, and implementation of security controls.
• Conduct requirements‑gathering sessions and cATO current‑state assessments.
• Recommend security requirements, architectural direction, and support testing for enterprise initiatives such as: cATO, automated assessments, ZTA, SASE, CASB, SWG, TIC 3.0, ICAM, CMDB, etc.
• Collaborate with operational teams to improve cloud security monitoring, including ingestion and analysis of API, application, database, and flow logs into SIEM platforms.
• Support development of cloud event analysis and alert tuning to increase detection fidelity.
• Identify vulnerabilities across the SDLC and help contain, minimize, and remediate associated risks.
• Provide system engineering and architectural design support, including:
• Studies and analyses of operational changes; End‑to‑end architecture trade‑off assessments
• Development of strategic and tactical plans; Evaluation of new program requirements
• Research and assessment of new technologies for operational enhancement
• Conduct architectural risk assessments, threat modeling, and secure design reviews.
• Support backlog refinement, sprint planning, capacity planning, and retrospectives.
• Ensure teams deliver high‑value increments meeting the Definition of Done.
• Facilitate stakeholder collaboration as needed.