Security Architect

Job title - Security Architect (Only VA And DC Applications Accepted)

Location - Fairfax, VA

Job type - Contract-to-hire

Duration - 6+ months

Visa requirement -

Interview - Web/In-person

Work type - Hybrid(3 days onsite)

Local Candidates and North Virginia candidates only

Location: Hybrid/On-site Northern Virginia Type: Full-time Reports to: CISO/AVP Security

About the role

Own and unify security architecture across a complex enterprise environment. You ll align

identity, device, data, and technical controls; tailor solutions for research and academic needs;

and partner with GRC on an annual Security Program Review, roadmap development, and

implementation oversight.

Responsibilities:

Security Architecture Design & Strategy 35%

• Develop and maintain enterprisewide security architecture aligned with business and

technology goals.

• Create security roadmaps, models, standards, and procedures for cloud and onpremise

environments.

• Define baseline configurations and secure design patterns for systems and networks.

Security Risk Management & Assurance 25%

• Conduct security reviews and threat modeling for applications and infrastructure.
• Validate security configurations and recommend improvements.
• Support internal audits and compliance with regulatory frameworks (e.g., NIST, HIPAA,

FERPA).

Collaboration & Stakeholder Engagement 20%

• Liaise with Enterprise Cybersecurity, architects, and business stakeholders to ensure

secure practices.

• Participate in project planning to integrate security requirements.
• Coordinate with system owners and architects to allocate and implement security

controls.

Technology Evaluation & Implementation 15%

• Evaluate and recommend security tools and services based on technical and financial

metrics.

• Support secure deployment of applications and infrastructure, including cloud services.
• Stay current with emerging threats and technologies.Policy Development & Documentation 5%
• Draft and maintain security policies, procedures, and standards.
• Document data flows and security requirements across systems and services.

Qualifications:

• 15+ years in information security, including 8+ years in architecture or security

engineering leadership.

Required Knowledge, Skills, and Abilities (KSAs)

• Knowledge: Enterprise security architecture principles (e.g., SABSA, TOGAF, NIST CSF);

security technologies (e.g., firewalls, SIEM, IAM, endpoint protection);

regulatory/compliance (e.g., HIPAA, FERPA, ISO 27001); cloud and onpremise

infrastructure security.

• Skills: Strategic planning and roadmap development; threat modeling and risk

assessment; secure system and network design; technical documentation and policy

writing.

• Abilities: Translate business and risk requirements into technical solutions; collaborate

across departments; evaluate and recommend security tools/services; communicate

complex security topics to nontechnical stakeholders.

Preferred Knowledge, Skills, and Abilities (KSAs)

• Knowledge: Advanced understanding of cloudnative security (AWS, Azure, Google Cloud Platform); data

protection techniques (encryption, tokenization); OT/IoT security.

• Skills: Financial analysis of security investments (ROI, TCO); project management and

crossfunctional coordination; vendor risk assessment and thirdparty reviews.

• Abilities: Lead security architecture in largescale IT projects; influence policy and

governance decisions; adapt to evolving technologies and threats.

• Other Attributes: Experience in government, education, or research environments.

Required Education and Experience:

• Bachelor s degree in a related field.
• Handson experience with security infrastructure (e.g., firewalls, SIEM, endpoint

protection).

• Experience with threat modeling and risk assessments.
• Experience securing cloud and onpremise environments.
• Familiarity with IT infrastructure components (OS, networks, databases, containers).
• Experience with IAM technologies (e.g., Active Directory, AWS IAM, Okta).
• Working knowledge of IT service management practices (e.g., change, incident, asset

management).

• Licenses/Certifications: One or more of CISSP, CISA, TOGAF, GIAC.Preferred Education and Experience:
• Master s degree in a related field.
• Experience in higher education or research environments.
• Experience with vendor risk assessments and thirdparty security reviews.
• Experience with OT/IoT security and business continuity planning.
• Licenses/Certifications: CISM or other advanced certifications (e.g., CCSP, CRISC).