Security Architect (NIH/HHS Experience)

Greenbrier Government Solutions Inc.
Washington, United States of America
2 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior
Compensation
$ 200K

Job location

Washington, United States of America

Tech stack

Amazon Web Services (AWS)
User Authentication
Azure
Border Gateway Protocol
Ubuntu (Operating System)
Cisco PIX
Cisco Routers
Cloud Computing Security
Computer Security
Information Systems
Computer Networks
Linux
Disaster Recovery
Federal Information Processing Standards (FIPS)
Identity and Access Management
Internet Protocol Security (IP SEC)
Intrusion Detection Systems
Information Systems Security Architecture Professional
Python
Lightweight Directory Access Protocols (LDAP)
Network Architecture
Routing
Network Protocols
Open Shortest Path First
Public Key Infrastructure
Systems Development Life Cycle
Ansible
Zero Trust Network Access
Security Information and Event Management
Systems Integration
TCP/IP
Virtualization Technology
vSphere
Scripting (Bash/Python/Go/Ruby)
Computer Networking Systems
Google Cloud Platform
Cloud Platform System
SolarWinds (Software)
ArcSight Event Correlation
ISO/IEC 27002
Terraform
Splunk
Devsecops
Vulnerability Analysis

Job description

We are seeking a highly skilled and motivated Security Architect with specialized experience in NIH (National Institutes of Health) and HHS (Health and Human Services) Federal IT environments. In this pivotal role, you will design, implement, and oversee comprehensive cybersecurity cloud frameworks that safeguard sensitive health data and comply with federal standards. Your expertise will drive the development of resilient cloud security architectures, ensuring the integrity, confidentiality, and availability of critical information systems., * Design authority (NIST SP 800-53 Rev. 5); 95% monthly availability of contractor-managed tooling; Zero Trust baseline reference architecture due Day 90; Government provides all tool licensing and infrastructure - an operate-and-modernize role, not buy-and-build.

  • Develop and implement robust IT security architectures aligned with NIH/HHS guidelines, including NIST standards and FISMA compliance.
  • Conduct comprehensive security risk assessments, vulnerability research, and incident investigations to identify potential threats within complex health IT environments.
  • Lead the integration of security controls across diverse network infrastructures including LAN, WAN, cloud platforms like AWS and Google Cloud, and virtualization environments such as VMware vSphere.
  • Manage access control management systems utilizing IAM architecture design principles, SSO protocols, LDAP directories, and PKI implementations for secure authentication.
  • Implement SIEM solutions like Splunk or SolarWinds for real-time security monitoring, event correlation, and incident response coordination.
  • Collaborate with cross-functional teams to develop system security plans (SSPs), disaster recovery strategies, and incident recovery procedures ensuring compliance with FISMA, FedRAMP, and other federal mandates.

Requirements

Education / Experience: Bachelor's Degree + 10+ years security engineering/architecture (on-prem + cloud)

Required Certifications: CISSP, Preferred: CISSP-ISSAP; CCSP/cloud security; Zero Trust per OMB M-22-09 / CISA ZTMM; enterprise SIEM/EDR/DLP/PAM operations with availability SLAs, * 10+ years security engineering/architecture (on-premesis + cloud)

  • Proven experience designing security architectures within NIH or HHS federal agencies or similar health-focused government organizations.
  • Extensive knowledge of computer networking concepts including routing protocols (OSPF, BGP), network protocols (TCP/IP, IPsec), and network infrastructure components such as Cisco routers/switches.
  • Strong understanding of information security standards including ISO 27001/27000 series, ISO 27002 best practices, FIPS compliance, and NIST cybersecurity frameworks.
  • Hands-on experience with firewall management (Cisco ASA), IDS/IPS deployment, SIEM implementation (Splunk or equivalent), and intrusion detection systems (IDS).
  • Proficiency in cloud computing platforms such as AWS or Azure alongside virtualization tools like VMware vSphere.
  • Familiarity with DevSecOps practices for integrating security into SDLC processes using tools like Ansible, Terraform, Jenkins CI/CD pipelines.
  • Knowledge of encryption methods, openSUSE/Linux/Ubuntu system administration skills, and scripting languages such as Python or Bash for automation tasks.
  • Ability to perform thorough vulnerability assessments, risk analysis investigations, and develop mitigation strategies aligned with federal cybersecurity policies.
  • Excellent communication skills to articulate complex security concepts clearly across technical teams and executive stakeholders.

Benefits & conditions

Pulled from the full job description

  • Referral program
  • Professional development assistance
  • Tuition reimbursement
  • 401(k)
  • Health insurance
  • Retirement plan
  • 401(k) matching, * 401(k)
  • 401(k) matching
  • Dental insurance
  • Employee assistance program
  • Employee discount
  • Flexible spending account
  • Health insurance
  • Life insurance
  • Paid time off
  • Professional development assistance
  • Referral program
  • Retirement plan
  • Tuition reimbursement
  • Vision insurance

License/Certification:

  • active CISSP certification (Required)

Apply for this position