user avatar

4440 Cyber Security Architect

Procession Systems

Posted today

Job Requirements

Quantico, VA
Top Secret Polygraph Unspecified
Career Level not specified
Salary not specified
Join Premium to unlock estimated salaries

Job Description

OVERVIEW:

We are seeking a highly skilled Cyber Security Architect/Engineer to provide technical expertise, guidance, documentation, and recommendations for the following: Systems, networks, and cloud environments (i.e., AWS, Azure, etc.); Developing technical solutions and new security tools to help mitigate vulnerabilities; Performing vulnerability management assessments, penetration testing, and risk analysis to identify and remediate weaknesses; Automation and scripting using languages like Python, Bash, or PowerShell to automate repetitive security related tasks and building custom tools; Compliance and hardening ensuring systems meet industry and government standards and implementing system hardening protocols (e.g., DISA- STIGs) and; Providing mentorship to junior engineers and collaboration across cross-functional teams to integrate security into the software development lifecycle.

GENERAL DUTIES:
  • Develop technical solutions and new security tools to help mitigate security vulnerabilities and automating repeatable tasks
  • Design secure cloud infrastructure blueprints for AWS, Azure, etc.
  • Build automated security checks into deployment pipelines
  • Implement continuous security monitoring, logging, and alerting systems
  • Ensure cloud environments meet SOC2, ISO27001 and HIPPA standards
  • Assist security personnel in responding to incidents across a wide array of technologies, mitigating and containing impacts, coordinating remediation efforts, and documenting recommendations for improvement to include cloud specific security alerts and vulnerabilities
  • Define Identity and Access Management policies and encryption standards
  • Provide up-to-date reports on security incidents and task process
  • Maintain documentation to support security strategies for networks by outlining the requirements and benefits of specific security tools and/or solutions


REQUIRED QUALIFICATIONS:
  • A bachelor's degree from an accredited college or university in Computer Science, Cyber Security, Engineering, Cybersecurity, or related field.
  • Industry-recognized security credentials such as CISSP, CISM, Security+, CCSP, CSPM, and CNAPP, or similar certification.
  • AWS Certified Security - Specialty; Microsoft Certified: Azure Security Engineer Associate.
  • At least six (6) years of experience as a Cyber Security Architect/Engineer in a corporation, government, or commercial firm.
  • At least three years of experience securing enterprise cloud infrastructure (e.g., AWS, Azure, etc.)
  • Proficient with Infrastructure as Code security tools (Terraform, CloudFormation).
  • Ability to engineer and deploy security toolsets to include SIEM (Splunk), EDR (CarbonBlack), Vulnerability scanners (Nessus, Qualys) and analytics solutions (Elastic Stack (Elasticsearch, Logstash, Kibana - ELK), or similar).
  • Experience scripting with Python, Bash, or PowerShell for security automation.
  • Deep knowledge of networking protocols (TCP/IP, DNS, HTTP/HTTPS) and firewalls.
  • Proficiency in securing both Linux and Windows environments.
  • Experience with container security (Docker, Kubernetes) and cloud-native security tools.
  • Experience conducting security assessments, penetration testing and/or ethical hacking, and identifying and mitigating vulnerabilities.
  • Excellent analysis and critical thinking skills.
  • Exceptional leadership and organizational skills.
  • Experience working with technical teams in customer environments
  • Excellent oral and written communication skills.


DESIRED QUALIFICATIONS:
  • Architect and operate a hybrid SIEM stack spanning Microsoft Sentinel and Splunk Enterprise across on-prem, Azure, AWS; design ingestion pipelines (DCR/AMA, Splunk UF/HF/HEC), normalization with ASIM/CIM, and cross-workspace/cross-tenant event sharing.
  • Lead security architecture reviews and reference designs aligned to Zero Trust, NIST 800-53/207, CNSSI 1253; deliver threat models, control mappings, and security data flow diagrams for collection networks.
  • Build and maintain detections-as-code: author and version KQL/SPL analytics, watchlists, and entity behavior rules with MITRE ATT&CK coverage.
  • Administer a proactive threat-hunting program using KQL/SPL, Jupyter notebooks (MSTICPy), Sigma conversion, and purple-team ATT&CK emulations; convert hunt findings into resilient analytics and anomaly baselines.
  • Optimize telemetry governance and cost: table/namespace policies, retention tiers/archival, Splunk license and index strategy, Sentinel ingestion caps and data filters in addition to egress controls for sensitive / classified data.
  • Establish incident response operations and service level objectives: unify case management (Sentinel Incidents, Splunk ES Notables), evidence handling, post-incident reviews, and executive dashboards/metrics for readiness and dwell time.
  • Provide tiered platform support and enablement: backlog grooming, rule/playbook quality assurance, change control, analyst/admin training, and Authority-to-Operate/Risk Management Framework continuous monitoring package updates as required.


CLEARANCE:
  • Active Top Secret minimum clearance
group id: 90943786
job ad image
Find Procession Systems on Social Media
Network Employers
user avatar
About Us
At Procession Systems we work on identifying top talent across various markets. We work with some of the world’s leading government contractors, ranging in size, taking on some of the biggest challenges in the defense, civilian, and Intelligence markets. Not only do we identify top talent in this space for our clients, but a well cared for candidate experience is our priority. At Procession Systems we are dedicated to your needs and here to serve you as you advance in your career!
job ad2 image

Procession Systems Jobs


Job Category
IT - Security
Clearance Level
Top Secret