Security Architect

Job Summary

The Security Architect is a technical leader responsible for designing, implementing, and advancing enterprise security across cloud, application, and infrastructure environments, with a primary focus on Microsoft GCC High and Microsoft Commercial platforms.
This role partners closely with IT, Engineering, Compliance, and business leaders to embed security by design, strengthen CMMC and ITAR compliance, and enhance security operations and risk management capabilities.

• Design and govern secure architectures across cloud, identity, applications, and data platforms.
• Lead application security initiatives including assessments, threat modeling, secure SDLC practices, and vulnerability remediation.
• Support CMMC 2.0 Level 2+ readiness, including NIST 800 171/172 control implementation, SSP/POA&M management, and audit support.
• Architect and operate security capabilities within Microsoft GCC High and Azure Government, including Defender, Sentinel, Purview, and Entra .
• Provide senior level guidance during security incidents, investigations, and post‑incident remediation.
• Translate regulatory and business requirements into scalable security roadmaps and standards.
• Serve as a trusted advisor to engineering, IT, and leadership teams and mentor security professionals.

• Bachelor's degree or equivalent professional experience required, Master’s degree preferred.
• 7+ years of experience in information security, including hands‑on security architecture or application security experience.
• Strong experience securing Microsoft 365 GCCHigh and Azure Government environments.
• Demonstrated expertise with cloud security, identity and access management, application security, and incident response.
• Experience supporting regulated environments (CMMC, ITAR, DFARS, or similar).

• All relevant security and cloud certifications preferred, including CISSP, CCSP, CISM, GIAC, and Microsoft security certifications.

• Cloud & Identity:
  Azure Gov, M365 GCCHigh, Entra , Zero Trust, Conditional Access, MFA, PIM
• Application Security:
  Threat modeling, SAST/DAST/SCA, API and container security
• Monitoring & Response:
  Microsoft Sentinel, Defender XDR, automation and incident response
• Compliance: CMMC 2.0, NIST 800171/172, ITAR, risk management

The above is intended to describe the general content of and requirement for the performance of this job. It is not to be construed as an exhaustive statement of duties, responsibilities or requirements.

Equal opportunity employer, including people with disabilities and veterans.
Applicants with disabilities may be entitled to reasonable accommodation under the Americans with Disabilities Act and certain state or local laws. For those requiring assistance completing the application or the application process and request information relating to the need for accommodation, please contact reasonablea