SMX · 22 hours ago
Cleared On Site Chief Security Architect for Governance, Risk and Compliance (5030)
SMX is a team of technical and domain experts dedicated to enabling mission success. They are seeking a Chief Security Architect to serve as the program’s principal technical authority, providing strategic risk advisory and overseeing the security posture of over 600 information systems across all classification levels. The role involves translating security vision into actionable guidance, leading security architecture patterns, and ensuring a robust cybersecurity posture while adopting innovative technologies.
Cloud Computing, Cyber Security, Big Data, Software, Information Technology, Analytics, Cloud Data Services, Cloud Security, IT Management
Responsibilities
Serve as the program’s principal technical authority, providing strategic risk advisory to OCIO leadership, Authorizing Officials, and ISSO(E)(M)s while overseeing the security posture of 600+ information systems across all classification levels
Translate the Customer's security vision into actionable technical guidance
Validate the system categorization methodology
Review high-risk change requests
Enable innovation through evaluation of emerging technologies (AI/ML, zero trust, cloud-native security) within the Customer's governance constraints
Lead early lifecycle security advisory to embed security in system design rather than retrofit
Resolve complex technical disputes between implementation and assessment teams
Drive enterprise-wide security architecture patterns that enable consistent, defensible authorization decisions
Elevate ISaaS from tactical compliance execution to mission-enabling security partnership
Ensure the Customer maintains a robust cybersecurity posture while adopting cutting-edge capabilities to counter evolving threats
Balance deep technical expertise with executive communication skills, translating complex security risks into business impacts and strategic recommendations for senior Customer leadership
Qualification
Required
Bachelor's Degree
10+ years of experience
Deep expertise with NIST implementation at scale, 800-53 controls and assessment procedures
FISMA and Intelligence Community security frameworks
Proven ability to design security architectures for diverse environments (on-prem, cloud, hybrid, air-gapped)
Cloud security architecture
AWS/Azure security services, configurations, best practices
FedRAMP authorization process and cloud control inheritance
Some knowledge of IaC / DevSecOps principles (not sure this is a must)
Cloud-native security patterns: ZTA, container security, serverless, etc.
Governance, Risk, and Compliance (must have, top skill, after the architecture/cloud)
Track record at providing technical risk assessments and recommendations
Articulate residual risk in business terms, enabling informed risk acceptance by non-technical executives
Experience with conditional ATO strategies and balancing operational urgency with security requirements
Experience leading or overseeing independent security assessments for diverse system types
Ability to validate assessment quality and consistency across multiple assessor teams
Strategic and Leadership Skills (must have)
Executive Communication – demonstrated ability to brief C-level executives and senior gov officials on complex security processes
Skill in translating technical vulnerabilities into business risk and strategic recommendations
Experience in developing security strategies, roadmaps, and business cases for executive approval (at least serve as an advisor for these)
Proven ability to build trust and credibility with diverse stakeholders, system owners, developers, operations teams, auditors
One of the following certifications: AWS Cloud Solutions Architect (Professional), CISSP-ISSEP
Active TS clearance with SCI Eligibility
Preferred
NSS and Intelligence Community Experience (nice to have)
IC-specific security requirements (ICD 503 for cloud, ICD 705 for SCI, etc.)
Cross-domain solutions (CDS) and high-side/low-side data transfer security
Audit and Compliance (nice to have, more important that they were independent audits)
Experience in supporting FISMA audits, DOJ inspector general reviews, GAO assessments
Understanding of OMB, DOJ, and IC Cybersecurity reporting requirements and metrics
Ability to translate audit findings into actionable remediation paths and process improvements
Benefits
Health insurance
Paid leave
Retirement
Company
SMX
SMX is a provider of information technology (IT), services, and advanced engineering with a focus on Cloud Solutions.
Funding
Current Stage
Late Stage
Recent News
GlobeNewswire
2026-01-22
Company data provided by crunchbase