Cybersecurity Architect (DoD / Cloud Security) jobs in United States
cer-icon
Apply on Employer Site
company-logo

Nationwide IT Services, Inc. · 5 hours ago

Cybersecurity Architect (DoD / Cloud Security)

positionFairfax, VA
timeFull-time
remoteHybrid
senioritySenior Level, Lead/Staff
date8+ years exp

Nationwide IT Services, Inc. is seeking a Cybersecurity Architect specializing in DoD and Cloud Security. The role involves leading cybersecurity architecture for a DoD cloud-based system, designing and implementing cybersecurity controls, and ensuring compliance with various security standards and frameworks.

Cyber SecurityInformation ServicesInformation TechnologyManagement Consulting
badNo H1BnoteSecurity Clearance RequirednoteU.S. Citizen Onlynote

Responsibilities

Lead cybersecurity architecture for a DoD cloud-based system operating in a regulated environment across the full cybersecurity lifecycle, including, but not limited to, security planning, architecture and design, implementation, authorization, continuous monitoring, incident response, and sustainment
Design, implement, and govern cybersecurity controls aligned with DoD RMF, the Cybersecurity Risk Management Construct (CSRMC), and Continuous Authority to Operate (cATO) principles
Architect and secure cloud environments in AWS GovCloud and Microsoft Azure / Azure Government, including, but not limited to, identity management, network security, encryption, logging, monitoring, and configuration management
Design and mature Zero Trust Architecture across identity, device, network, application, data, and visibility layers in alignment with DoD Zero Trust guidance
Lead continuous monitoring activities, including ACAS scanning, STIG compliance, configuration validation, vulnerability identification, and remediation tracking
Architect, integrate, and tune SIEM and SOAR capabilities, including, but not limited to, centralized log aggregation, real-time threat detection, automated response workflows, and coordination with security operations teams
Integrate security controls into DevSecOps and CI/CD pipelines, including, but not limited to, SAST, DAST, dependency scanning, container security, and policy-as-code automation
Perform security risk assessments and translate technical findings into risk-based recommendations for system owners, program leadership, and Authorizing Officials
Manage Plans of Action and Milestones (POA&Ms) through closure and track remediation progress in accordance with mandated timelines and risk tolerance
Prepare, review, and maintain cybersecurity and authorization artifacts in eMASS, including, but not limited to:
System Security Plans (SSPs)
Security Assessment Reports (SARs)
Plans of Action and Milestones (POA&Ms)
Control implementation narratives and supporting evidence packages
Partners with engineering, cloud, and operations teams to embed security by design, improve system resilience, and reduce operational risk
Support cybersecurity audits, inspections, and Cyber Operational Readiness Assessments (CORA), ensuring audit-ready documentation, traceability, and evidence integrity
Assist in the Discovery Phase activities of gathering user requirements, business analysis, legacy system analysis, Epic/Story creation, external data integration planning, and product backlog management

Qualification

Cybersecurity ArchitectureDoD RMFAWS GovCloudMicrosoft AzureZero Trust ArchitectureSIEMSOAREMASSNIST SP 800-53Cybersecurity CertificationsDevSecOpsSoft Skills

Required

Active Secret Clearance
Bachelor's degree in Cybersecurity, Computer Science, Information Systems, or a related field
Eight or more years of cybersecurity experience, including experience supporting DoD or Federal systems
Hands-on experience securing cloud environments in AWS GovCloud and Microsoft Azure / Azure Government
Demonstrated experience using eMASS to manage RMF lifecycle activities and authorization packages
Strong experience with SIEM and SOAR platforms, ACAS scanning, and STIG compliance
Working knowledge of NIST SP 800-53, Zero Trust architecture principles, and DevSecOps security practices
One or more cybersecurity certifications required, including CISSP, CCSP, CISM, and CASP+ / SecurityX

Benefits

Medical, dental, and vision insurance
Life and disability insurance
401(k) plan with employer match
Paid holidays
PTO (sick/vacation)
Commuter benefits
Employee assistance program (EAP)
Educational reimbursement
Pet Insurance

Company

Nationwide IT Services, Inc.

twittertwittertwitter
company-logo
Nationwide IT Services, Inc.
dateFounded in 2006
location
Fairfax, Virginia, USA
people-size201-500 employees
web-link
http://nw-its.com/

Funding

Current Stage
Growth Stage
Company data provided by crunchbase