15Yrs Network/Cloud Solutions Architect/Information Security

AHU Technologies Inc

Washington, DC
Full Time
Paid
  • Responsibilities

    Role : Cloud Solutions Architect

    Client : DC Government

    Location : Washington DC (Hybrid)

    Job Description:

    Key Responsibilities:

    Strategic Planning and Advisory:

    o Develop and refine the organization’s cybersecurity strategy, ensuring alignment with overall business goals.

    o Provide expert guidance on implementing industry-standard security program frameworks such as NIST CSF, ISO 27001, and CIS Controls.

    o Identify emerging threats and recommend proactive technical measures to mitigate risks.

    o Design and enable cyber controls functions and processes based on CMMC / NIST 800-171 and NIST 800-53.

    Risk Management:

    o Familiarity with risk management frameworks like NIST RMF, ISO 27005, and FAIR.

    o Conduct comprehensive cybersecurity risk assessments, identifying vulnerabilities and recommending remediation strategies.

    o Develop and maintain a robust risk management program to address both IT and operational risks.

    o Implement technical solutions to manage and monitor risk effectively, including vulnerability management tools.

    Technical Oversight:

    o Design and validate secure network architectures, focusing on principles such as Zero Trust and least privilege.

    o Evaluate and implement advanced security technologies, including EDR, SIEM, DLP, and intrusion detection/prevention systems.

    o Provide hands-on technical assessments of infrastructure, applications, and cloud environments to ensure security compliance.

    o Oversee penetration testing activities and ensure identified vulnerabilities are remediated.

    Policy and Governance:

    o Lead the development and enforcement of cybersecurity policies, standards, and procedures.

    o Establish metrics and reporting mechanisms to measure the effectiveness of cybersecurity initiatives.

    o Support incident response planning and governance, ensuring technical readiness for potential breaches.

    Cloud and Emerging Technologies:

    o Provide technical guidance on securing multi-cloud environments, including AWS, Azure, and Google Cloud.

    o Evaluate and implement cloud-native security tools, such as CSPM, CIEM, and workload protection platforms.

    o Advise on emerging technologies like AI and ML, focusing on their application in threat detection and response.

    Incident Response and Threat Intelligence:

    o Develop and oversee technical aspects of the incident response plan, ensuring readiness for real-world threats.

    o Leverage threat intelligence platforms to proactively identify and address potential vulnerabilities.

    o Coordinate with SOC teams to fine-tune detection rules and improve response times.

    Qualifications:

    Education:

    o Bachelor’s or Master’s degree in Cybersecurity, Computer Science, Information Technology, or a related field.

    Experience:

    o Minimum of 15 years of experience in information security.

    o Proven experience with NIST CSF, NIST 800-53, and NIST 800-171 frameworks.

    o Proven track record of developing and executing cybersecurity strategies for organizations of varying sizes and industries.

    o Hands-on experience with risk assessments, compliance audits, and incident response planning.

    o Prior role as a Sr. Security Consultant, Security Architect, or similar position is highly desirable.

    Certifications:

    o Relevant certifications (e.g., CISSP, CISM, CISA, CRISC, OSCP, CEH, or GSEC).

    Skills:

    o Strong understanding of cybersecurity frameworks, regulatory requirements, and risk management methodologies.

    o Proficiency with technical tools such as vulnerability scanners (e.g., Nessus, Qualys), SIEM platforms (e.g., Splunk, QRadar), and EDR solutions (e.g., CrowdStrike, Cisco Secure Endpoint, Cisco Secure Workload).

    o Exceptional communication and presentation skills, with the ability to convey complex cybersecurity concepts to both technical and non-technical stakeholders.

    o Leadership and influence capabilities to drive organizational change.

    o Analytical mindset with the ability to anticipate and solve complex challenges.

    o Expertise in cloud security, Zero Trust architecture, and emerging technologies.

    Flexible work from home options available.