Job Family:
IT Architecture/Cloud (Digital)
Travel Required:
Up to 10%
Clearance Required:
Active Public Trust
What You Will Do:
The Cloud Security Architect is responsible for leading the development of cyber-security architecture in an agile environment, ensuring technology initiatives are implemented within the framework to secure one of our key government client's cloud environments. The right candidate will be accountable for strategic planning, architecture, and securing enterprise information by identifying network and application security requirements, implementing and testing security controls and procedures.
The primary areas of focus for the Cloud Security Architect is to advise in developing Cloud risk management strategies and multi-year implementation and remediation programs based on business priorities and risks to address Cyber-Security, Cyber Defense and Business needs of our customer.
Design security solutions for Azure cloud environments including leading architecture reviews for decision records.
Knowledge areas include IAM with Entra ID/Azure Active Directory, posture management, workload protection, SIEM/SOAR, application software testing.
Build architectural runway for infosec requirements for both infrastructure and application development teams.
Collaborate with agile teams to ensure security requirements are met.
Analyze and continuously monitor cybersecurity and privacy policies, processes and compliance artifacts, systems authorization, and management in a cloud environment.
Analyze and map existing security controls and safeguards to compliance requirements for a cloud environment.
Conduct architecture reviews and security impact assessments for technology and software development initiatives.
Assist in the implementation a Azure Zero-Trust Architecture as a core part of all design and development of the cloud solution.
Coordinate application and infrastructure risk mitigation and vulnerability remediation activities.
Assist in the design, development, implementation, and deployment of a hybrid cloud solution in a FedRAMP High environment involving integration of hybrid cloud solutions with on-premises components and systems.
Assess vulnerabilities and attacker tactics, techniques, and procedures (TTP) and provide incident response support to locate and prevent threats.
What You Will Need:
Bachelor's degree required
5+ years’ cyber related experience in a commercial environment with Azure, in a technical information security and risk management role.
5+ Firsthand working with the various Azure security tools/platforms such as Azure AD, Sentinel, Defender, Monitor, Key Vault, or similar in other platforms.
5+ years managing security policies and initiatives in Azure.
Identity Access and Management concepts, multifactor authentication, SSO/Federation
Privileged Access Management key concepts
Ability to set up and configure the Azure security platforms, and function as an overall lead managing end to end security on the Azure Cloud regions.
Vulnerability testing as it relates to Azure systems.
Security concepts & tools related to CI/CD pipelines, and software scanning.
Demonstrable understanding of Information Security and Risk Management capabilities related to cloud computing across Windows and Linux
What Would Be Nice To Have:
Master degree
INFOSEC Certifications: CISSP, CCSP, CISM
Azure/AWS/Google Training and Certification
Microsoft Certifications/Exams a recommended: Sc-100 Cybersecurity Architect; Sc-300 Identity and Access Administration; AZ-500 Azure Security Engineer
Crowdstrike Falcon EDR for Azure
Managing/maintaining FISMA compliance for a government information system in accordance with requirements from NIST.
Demonstrated experience collaborating directly with external clients, business leadership, and auditors.
Direct technical background, to include familiarity with servers, network devices, and security systems.
Experience working as system or portfolio architect on agile release trains.
Working knowledge of current NIST 800-53 for Azure and FedRAMP High for Azure, Azure CIS Benchmark compliance
Working knowledge of Azure CAF and Terraform
OpenText Fortify experience a plus.
The annual salary range for this position is $132,600.00-$198,800.00. Compensation decisions depend on a wide range of factors, including but not limited to skill sets, experience and training, security clearances, licensure and certifications, and other business and organizational needs.
What We Offer:
Guidehouse offers a comprehensive, total rewards package that includes competitive compensation and a flexible benefits package that reflects our commitment to creating a diverse and supportive workplace.
Benefits include:
Medical, Rx, Dental & Vision Insurance
Personal and Family Sick Time & Company Paid Holidays
Parental Leave
401(k) Retirement Plan
Group Term Life and Travel Assistance
Voluntary Life and AD&D Insurance
Health Savings Account, Health Care & Dependent Care Flexible Spending Accounts
Transit and Parking Commuter Benefits
Short-Term & Long-Term Disability
Tuition Reimbursement, Personal Development, Certifications & Learning Opportunities
Employee Referral Program
Corporate Sponsored Events & Community Outreach
Employee Assistance Program
Supplemental Benefits via Corestream (Critical Care, Hospital Indemnity, Accident Insurance, Legal Assistance and ID theft protection, etc.)
Position may be eligible for a discretionary variable incentive bonus