United States onlyQualifications:
- Bachelor’s degree in Cybersecurity, Information Technology, Engineering, or related field.
- Minimum 8–10 years of experience in cybersecurity engineering and architecture roles.
- Demonstrated experience designing secure enterprise and system architectures.
- Strong knowledge of federal cybersecurity frameworks and standards.
- Experience with hybrid and cloud security architectures (AWS, Azure).
- Strong documentation, communication, and stakeholder engagement skills.
- Active CISSP, CCSP, CISM, AWS or Azure Certification (preferred).
- Design secure enterprise, system, and solution architectures aligned with HRSA and HHS cybersecurity strategies.
- Develop and maintain security architecture artifacts including diagrams, reference architectures, and technical design documents.
- Engineer, deploy, and maintain infrastructure supporting security tools and platforms within the SOC and HRSA IT environment.
- Design high availability, fault-tolerant, and resilient security architectures for mission-critical systems.
- Integrate security controls across network, endpoint, application, cloud, and data layers.
- Support Zero Trust Architecture (ZTA) implementation in alignment with OMB M-22-09 and NIST guidance.
- Ensure architectures comply with NIST SP 800-53, NIST SP 800-37, FISMA, FIPS 199/200, and HHS policies.
- Collaborate with system owners, ISSOs, engineers, and architects to embed security into system design and SDLC processes.
- Design integration architectures to support SOC tools, SIEM, SOAR, EDR, vulnerability management, and threat intelligence platforms.
- Support cloud and hybrid security architectures including IAM, network segmentation, encryption, logging, and monitoring.
- Evaluate new technologies and tools for security architecture impact, risk, and compliance.
- Develop configuration baselines, technical standards, and engineering SOPs.
- Support change management by developing technical implementation plans and architecture impact assessments.
- Provide architectural guidance during incident response, vulnerability remediation, and system modernization efforts.
- Participate in audits, assessments, and architecture reviews to ensure continued compliance and risk reduction.
