Cloud Security Program Architect, Lead

Job Description

Cloud Security Program Architect, Lead

Key Role:

Manage a Cloud Services Security Team and serve as the primary security point of contact for an expanding, premier cloud services program within the federal government, including over 200 cloud services being provisioned to over 70 tenants and counting. Facilitate discussions with executive federal stakeholders to develop and implement a strategy for advancing security operational compliance activities as part of a security framework aligned with the cloud program vision, including efforts required to address the recent Cyber Executive Order (EO). Provide management and coordination of security delivery for ongoing base operations and any new initiatives that require security subject matter expertise. Work closely with Product Owners to plan and prioritize operational compliance activities, including ATO re-certifications, environment security posture and remediations, and security SRE. Identify improvements to regulatory security processes, tooling, and security architecture input for new initiatives and products as part of expansion activities.

Basic Qualifications:

• 15+ years of experience establishing, managing, and maturing security and compliance programs in the federal sector, including delivering complex Security IT solutions and resolving business challenges through technical implementation
• Experience with developing and maturing a security program for a complex cloud infrastructure environment, including assessing the security posture of an enterprise network infrastructure of hybrid cloud and multi-cloud environments
• Experience with risk management and development of mitigation strategies, including selecting, designing, and implementing appropriate security controls and coordinating strategies across multiple business lines, teams, and senior leadership
• Experience with facilitating strategic discussions with Business Leaders and Product Owners to influence and develop secure product visions and security informed roadmaps for complex cloud services PaaS and IaaS solutions
• Experience designing and implementing Zero Trust Architecture within a cloud services environment and containers-based, micro services architecture
• Experience with leading the analysis, assessment, design, and implementation of enterprise Cybersecurity solutions and the development of new Cybersecurity hardening solutions for new systems
• Experience with vulnerability management, Assessment and Authorization (A&A), Authority to Operate (ATO) and incident response, including vulnerability scanning tool compliance, patch management, and overseeing compliance activities related to all directives
• Ability to obtain a security clearance
• Bachelor's degree in Cybersecurity, Information Security, Computer Science, Information Technology Management, or Cloud Computing
• DOD IAM 3 Security, CISM, CISSP, including Associate, GSLC, or CCISO Certification

Additional Qualifications:

• Experience with serving as an Information Assurance officer (ISSO) for cloud solutions
• Experience with executing NIST 800-37, NIST 800-39, and NIST 800-53 and RMF
• Experience with working on Agile software development projects, including end-to-end life cycle and test engineering or QA
• Experience with establishing a successful cATO program
• Experience with tools, including Netsparker, Fortify WebInspect, SonarQube, Splunk, or similar Cybersecurity tools
• Knowledge of continuous threat detection, operational technology, including ICS or SCADA, and current Cyber practices required to secure and defend such capabilities

Clearance:

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.