Security Architect (NIH/HHS Experience)
Role details
Job location
Tech stack
Job description
We are seeking a highly skilled and motivated Security Architect with specialized experience in NIH (National Institutes of Health) and HHS (Health and Human Services) Federal IT environments. In this pivotal role, you will design, implement, and oversee comprehensive cybersecurity cloud frameworks that safeguard sensitive health data and comply with federal standards. Your expertise will drive the development of resilient cloud security architectures, ensuring the integrity, confidentiality, and availability of critical information systems., * Design authority (NIST SP 800-53 Rev. 5); 95% monthly availability of contractor-managed tooling; Zero Trust baseline reference architecture due Day 90; Government provides all tool licensing and infrastructure - an operate-and-modernize role, not buy-and-build.
- Develop and implement robust IT security architectures aligned with NIH/HHS guidelines, including NIST standards and FISMA compliance.
- Conduct comprehensive security risk assessments, vulnerability research, and incident investigations to identify potential threats within complex health IT environments.
- Lead the integration of security controls across diverse network infrastructures including LAN, WAN, cloud platforms like AWS and Google Cloud, and virtualization environments such as VMware vSphere.
- Manage access control management systems utilizing IAM architecture design principles, SSO protocols, LDAP directories, and PKI implementations for secure authentication.
- Implement SIEM solutions like Splunk or SolarWinds for real-time security monitoring, event correlation, and incident response coordination.
- Collaborate with cross-functional teams to develop system security plans (SSPs), disaster recovery strategies, and incident recovery procedures ensuring compliance with FISMA, FedRAMP, and other federal mandates.
Requirements
Education / Experience: Bachelor's Degree + 10+ years security engineering/architecture (on-prem + cloud)
Required Certifications: CISSP, Preferred: CISSP-ISSAP; CCSP/cloud security; Zero Trust per OMB M-22-09 / CISA ZTMM; enterprise SIEM/EDR/DLP/PAM operations with availability SLAs, * 10+ years security engineering/architecture (on-premesis + cloud)
- Proven experience designing security architectures within NIH or HHS federal agencies or similar health-focused government organizations.
- Extensive knowledge of computer networking concepts including routing protocols (OSPF, BGP), network protocols (TCP/IP, IPsec), and network infrastructure components such as Cisco routers/switches.
- Strong understanding of information security standards including ISO 27001/27000 series, ISO 27002 best practices, FIPS compliance, and NIST cybersecurity frameworks.
- Hands-on experience with firewall management (Cisco ASA), IDS/IPS deployment, SIEM implementation (Splunk or equivalent), and intrusion detection systems (IDS).
- Proficiency in cloud computing platforms such as AWS or Azure alongside virtualization tools like VMware vSphere.
- Familiarity with DevSecOps practices for integrating security into SDLC processes using tools like Ansible, Terraform, Jenkins CI/CD pipelines.
- Knowledge of encryption methods, openSUSE/Linux/Ubuntu system administration skills, and scripting languages such as Python or Bash for automation tasks.
- Ability to perform thorough vulnerability assessments, risk analysis investigations, and develop mitigation strategies aligned with federal cybersecurity policies.
- Excellent communication skills to articulate complex security concepts clearly across technical teams and executive stakeholders.
Benefits & conditions
Pulled from the full job description
- Referral program
- Professional development assistance
- Tuition reimbursement
- 401(k)
- Health insurance
- Retirement plan
- 401(k) matching, * 401(k)
- 401(k) matching
- Dental insurance
- Employee assistance program
- Employee discount
- Flexible spending account
- Health insurance
- Life insurance
- Paid time off
- Professional development assistance
- Referral program
- Retirement plan
- Tuition reimbursement
- Vision insurance
License/Certification:
- active CISSP certification (Required)