Apply on Employer Site

TechSur Solutions · 13 hours ago

Security Architect

Reston, VA

Full-time

Hybrid

Senior Level

TechSur Solutions is a digital services company focused on enabling digital transformation for its customers. The Security Architect role involves engineering, implementing, and operating enterprise and cloud security controls for a civilian federal agency, utilizing identity-centric security and Zero Trust Architecture.

AnalyticsArtificial Intelligence (AI)ConsultingInformation Technology

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Design and implement secure architecture solutions across cloud, on Prem, and hybrid environments

Develop security standards, policies, and technical guidelines aligned with organizational and regulatory requirements

Conduct architecture reviews, threat modeling, and risk assessments for new and existing systems

Collaborate with engineering, DevOps, and product teams to ensure security requirements are integrated into system designs

Implement, and operate ICAM solutions, including identity lifecycle management, authentication, authorization, and access governance

Implement Zero Trust Architecture in alignment with NIST SP 800-207, emphasizing continuous verification, least privilege, and identity-based access

Deploy and support SASE / SSE capabilities, including ZTNA, Secure Web Gateway, CASB, and Firewall-as-a-Service

Support PIV smart card and certificate-based authentication across users, devices, applications, and cloud environments

Operate, and maintain PKI and certificate management services, including certificate issuance, renewal, revocation, and automation

Engineer and secure cloud environments (AWS, Azure, or GCP), focusing on identity, networking, logging, and secure configurations

Perform vulnerability scanning, risk prioritization, and coordination of remediation activities

Support patch management efforts by validating system configurations and verifying remediation of security findings

Monitor security and identity events using SIEM and related tools; investigate and respond to security incidents

Participate in incident response activities, including alert triage, investigation, containment, eradication, and recovery

Develop and maintain incident response playbooks, runbooks, and post-incident documentation

Develop and maintain security engineering documentation, standards, and operational runbooks

Collaborate with IT, cloud, and application teams to integrate security controls into system designs and CICD pipelines

Provide compliance and audit support, including technical evidence for ATO, continuous monitoring, and remediation activities

Qualification

Network securityCloud security architectureIdentityAccess managementZero Trust ArchitectureVulnerability managementAWSAzureGoogle CloudNIST frameworksEncryptionScripting languagesProblem-solvingCommunication skillsAttention to detail

Required

Strong knowledge of network security, application security, and cloud security architecture

Hands-on experience with major cloud platforms (AWS, Azure, or Google Cloud) and their native security services

Expertise in security frameworks such as NIST, ISO 27001, CIS Benchmarks, OWASP, and Zero Trust

Proficiency with identity and access management (IAM), SSO, MFA, and federation technologies

Solid understanding of encryption, PKI, firewalls, WAFs, SIEM, EDR, and vulnerability management tools

Proven experience in identifying and remediating vulnerabilities in both Linux and Windows environments with a strong understanding of compliance requirements

Proficiency in using security tools such as Nessus, ORCA, AWS Security Hub, Azure Security Center, Google Cloud Security Command Center, and other vulnerability scanning tools

Familiarity with Red Hat Satellite server, WSUS, IBM BigFix or other similar toolsets

Knowledge of scripting languages such as Python, Bash, PowerShell, Ansible for automation of security remediation tasks

Excellent problem-solving skills and the ability to work under pressure in a fast-paced environment

Must be a US citizen

Must be able to obtain public trust prior to starting work

Excellent interpersonal and communication skills, both written and verbal

Commitment to following stringent security protocols

Well-organized, with a high level of attention to detail and the ability to prioritize tasks

Bachelor's degree in computer science, Information Technology

Preferred

Experience with IAM / ICAM platforms, identity federation (SAML, OAuth 2.0, OpenID Connect), and privileged access management

Hands-on experience implementing Zero Trust and/or SASE/SSE solutions

Strong knowledge of PIV/CAC, MFA, and certificate-based authentication

Practical experience with PKI, X.509 certificates, CRLs/OCSP, TLS, and key management

Experience securing cloud environments and integrating identity-centric controls

Knowledge of vulnerability management and patch management processes and tools

Familiarity with NIST SP 800-53, 800-63, and 800-207, and FISMA requirements

Ability to automate security and certificate lifecycle tasks using scripting tools

Strong written and verbal communication skills

Desire to work in a SAFe environment to support efficient delivery

Benefits

Full benefits

Company

TechSur Solutions

TechSur Solutions (SDB, 8(a), EDWOSB, WOSB): a strategic provider of emerging technology and digital transformation services for federal agencies, specializing in comprehensive solutions across application modernization, data services, and artificial intelligence.

Founded in 2016

Herndon, Virginia, USA

51-200 employees

https://techsur.solutions

Funding

Current Stage

Growth Stage

Leadership Team

Vishal Luthra

Chief Growth Officer

Recent News

GovCon Wire

Vishal Luthra Joins TechSur Solutions as Chief Growth Officer

2024-04-30

PR Newswire

Guidehouse and TechSur Form SBA Mentor-Protégé Joint Venture

2022-06-25

Company data provided by crunchbase