4440 Cyber Security Architect

Procession Systems
Quantico, United States of America
2 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Intermediate

Job location

Quantico, United States of America

Tech stack

Kubernetes Security
Amazon Web Services (AWS)
Business Analytics Applications
Software System Penetration Testing
Azure
Bash
Cloud Computing Security
CompTIA Security+
Computer Security
Linux
DNS
Elasticsearch
Hypertext Transfer Protocols (HTTP)
Identity and Access Management
Python
Network Protocols
Powershell
Logstash
Kusto Query Language
Zero Trust Network Access
Security Information and Event Management
Software Engineering
TCP/IP
Software Vulnerability Management
Jupyter Notebook
Data Logging
Scripting (Bash/Python/Go/Ruby)
Cloud Platform System
Data Ingestion
Delivery Pipeline
Mitre Att&ck
Cyber Threat Analysis
Firewalls (Computer Science)
Cloudformation
Kubernetes
Information Technology
Nessus
Microsoft Sentinel
Kibana
Terraform
Splunk
Qualys
Docker
Security Orchestration, Automation & Response
Vulnerability Analysis

Job description

We are seeking a highly skilled Cyber Security Architect/Engineer to provide technical expertise, guidance, documentation, and recommendations for the following: Systems, networks, and cloud environments (i.e., AWS, Azure, etc.); Developing technical solutions and new security tools to help mitigate vulnerabilities; Performing vulnerability management assessments, penetration testing, and risk analysis to identify and remediate weaknesses; Automation and scripting using languages like Python, Bash, or PowerShell to automate repetitive security related tasks and building custom tools; Compliance and hardening ensuring systems meet industry and government standards and implementing system hardening protocols (e.g., DISA- STIGs) and; Providing mentorship to junior engineers and collaboration across cross-functional teams to integrate security into the software development lifecycle.

GENERAL DUTIES:

  • Develop technical solutions and new security tools to help mitigate security vulnerabilities and automating repeatable tasks
  • Design secure cloud infrastructure blueprints for AWS, Azure, etc.
  • Build automated security checks into deployment pipelines
  • Implement continuous security monitoring, logging, and alerting systems
  • Ensure cloud environments meet SOC2, ISO27001 and HIPPA standards
  • Assist security personnel in responding to incidents across a wide array of technologies, mitigating and containing impacts, coordinating remediation efforts, and documenting recommendations for improvement to include cloud specific security alerts and vulnerabilities
  • Define Identity and Access Management policies and encryption standards
  • Provide up-to-date reports on security incidents and task process
  • Maintain documentation to support security strategies for networks by outlining the requirements and benefits of specific security tools and/or solutions, * Architect and operate a hybrid SIEM stack spanning Microsoft Sentinel and Splunk Enterprise across on-prem, Azure, AWS; design ingestion pipelines (DCR/AMA, Splunk UF/HF/HEC), normalization with ASIM/CIM, and cross-workspace/cross-tenant event sharing.
  • Lead security architecture reviews and reference designs aligned to Zero Trust, NIST 800-53/207, CNSSI 1253; deliver threat models, control mappings, and security data flow diagrams for collection networks.
  • Build and maintain detections-as-code: author and version KQL/SPL analytics, watchlists, and entity behavior rules with MITRE ATT&CK coverage.
  • Administer a proactive threat-hunting program using KQL/SPL, Jupyter notebooks (MSTICPy), Sigma conversion, and purple-team ATT&CK emulations; convert hunt findings into resilient analytics and anomaly baselines.
  • Optimize telemetry governance and cost: table/namespace policies, retention tiers/archival, Splunk license and index strategy, Sentinel ingestion caps and data filters in addition to egress controls for sensitive / classified data.
  • Establish incident response operations and service level objectives: unify case management (Sentinel Incidents, Splunk ES Notables), evidence handling, post-incident reviews, and executive dashboards/metrics for readiness and dwell time.
  • Provide tiered platform support and enablement: backlog grooming, rule/playbook quality assurance, change control, analyst/admin training, and Authority-to-Operate/Risk Management Framework continuous monitoring package updates as required.

Requirements

  • A bachelor's degree from an accredited college or university in Computer Science, Cyber Security, Engineering, Cybersecurity, or related field.
  • Industry-recognized security credentials such as CISSP, CISM, Security+, CCSP, CSPM, and CNAPP, or similar certification.
  • AWS Certified Security - Specialty; Microsoft Certified: Azure Security Engineer Associate.
  • At least six (6) years of experience as a Cyber Security Architect/Engineer in a corporation, government, or commercial firm.
  • At least three years of experience securing enterprise cloud infrastructure (e.g., AWS, Azure, etc.)
  • Proficient with Infrastructure as Code security tools (Terraform, CloudFormation).
  • Ability to engineer and deploy security toolsets to include SIEM (Splunk), EDR (CarbonBlack), Vulnerability scanners (Nessus, Qualys) and analytics solutions (Elastic Stack (Elasticsearch, Logstash, Kibana - ELK), or similar).
  • Experience scripting with Python, Bash, or PowerShell for security automation.
  • Deep knowledge of networking protocols (TCP/IP, DNS, HTTP/HTTPS) and firewalls.
  • Proficiency in securing both Linux and Windows environments.
  • Experience with container security (Docker, Kubernetes) and cloud-native security tools.
  • Experience conducting security assessments, penetration testing and/or ethical hacking, and identifying and mitigating vulnerabilities.
  • Excellent analysis and critical thinking skills.
  • Exceptional leadership and organizational skills.
  • Experience working with technical teams in customer environments
  • Excellent oral and written communication skills.

Apply for this position