Senior Cybersecurity Architect

Leidos, Inc.
Reston, United States of America
yesterday

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior
Compensation
$ 195K

Job location

Remote
Reston, United States of America

Tech stack

Kubernetes Security
Java
API
Artificial Intelligence
Software System Penetration Testing
Application Performance Management
Application Services
Automation of Tests
Azure
Mobile Application Development
Cloud Computing Security
Cloud Engineering
Cloud Storage
Encodings
Computer Security
Continuous Integration
Information Engineering
Data Governance
Data Infrastructure
Data Integration
Software Design Patterns
Distributed Systems
Eclipse
Java Platform Enterprise Edition (J2EE)
Identity and Access Management
IntelliJ
Information Systems Security Architecture Professional
jQuery
Javaserver Pages
Key Management
Log Analysis
Microsoft Visual Studio
SQL Azure
Productivity Software
Azure DevOps Pipelines
Zero Trust Network Access
SAS (Software)
Secure Coding
Security Software
Software Engineering
Software Vulnerability Management
Enterprise Data Management
Data Logging
Enterprise Software Applications
Cloud Platform System
Postman
Azure
Spring Cloud
GitHub Copilot
React
Delivery Pipeline
Software Security
Technical Debt
Containerization
Kubernetes
Infrastructure Automation Frameworks
Information Technology
Azure
Data Management
SQL Server Management Studio (SSMS)
REST
Software Version Control
Devsecops
Key Vault
Legacy Systems
Databricks
Programming Languages

Job description

The Leidos Health and Services Sector is seeking an experienced Senior Cybersecurity Architect to lead the security strategy, architecture, governance, and secure engineering practices supporting CDC National Healthcare Safety Network (NHSN) Microsoft Azure cloud platform and enterprise software ecosystem., This role will establish the cybersecurity foundation for NHSN's modernization strategy by creating a comprehensive security architecture, embedding security throughout the software development lifecycle, strengthening Azure cloud governance, securing enterprise data platforms, and enabling the responsible adoption of emerging technologies. The Senior Cybersecurity Architect will help transform NHSN from a reactive security posture to a mature, proactive, and governance-driven cybersecurity program that supports the agency's public health mission.

The successful candidate will serve as the program's principal cybersecurity authority, responsible for establishing a comprehensive security framework that protects modern cloud-native applications, legacy platforms, data engineering environments, software delivery pipelines, and emerging technologies, including artificial intelligence. This individual will partner closely with software engineers, cloud engineers, data engineers, architects, and program leadership to ensure security is designed into every aspect of the platform., Enterprise Security Architecture

  • Develop and maintain the cybersecurity architecture supporting NHSN's Microsoft Azure cloud environment.
  • Design secure reference architectures for modern cloud-native applications, APIs, data platforms, containerized workloads, and supporting infrastructure.
  • Establish enterprise security guidelines, architecture principles, and governance processes that guide secure engineering across the organization.
  • Maintain a comprehensive security architecture roadmap aligned with NHSN modernization initiatives.

Azure Cloud Security

  • Serve as the technical authority for securing NHSN's Microsoft Azure environment.

  • Develop security architectures and governance for Azure App Services, Azure Container Apps, Azure Kubernetes Service (AKS), Azure SQL, Azure Data Factory, Azure Databricks, storage services, networking, and platform services.

  • Implement and oversee secure use of Azure infrastructure services, including Key Vault, Service Bus, Application Gateway, Container Registry, Storage Accounts, Application Insights, Log Analytics, identity services, and related Azure-native security capabilities.

  • Partner with cloud engineering teams to implement Zero Trust principles, infrastructure security, policy enforcement, and secure Infrastructure-as-Code practices.

Application Security

  • Lead secure software engineering practices throughout the Software Development Life Cycle (SDLC).

  • Conduct architecture reviews, threat modeling, secure design reviews, and application security assessments for applications developed using Java, Quarkus, React, KendoReact, and supporting technologies.

  • Develop secure coding standards and provide guidance on authentication, authorization, API security, encryption, secrets management, and vulnerability remediation.

  • Collaborate with engineering teams to integrate security into Azure DevOps pipelines, GitHub Copilot-enabled development workflows, automated testing, and CI/CD processes.

Data Platform Security

  • Develop security strategies for NHSN's enterprise data platforms and analytics environments.
  • Establish security controls for Azure Databricks, Azure Data Factory, Azure SQL, and related data integration services.
  • Ensure secure handling of sensitive public health data through appropriate access controls, encryption, monitoring, auditing, and data governance practices.

Legacy Platform Security

  • Assess cybersecurity risks associated with legacy applications and technologies, including Java EE/JSP applications, jQuery-based interfaces, SAS Viya, and existing Kubernetes deployments.
  • Develop modernization security strategies that reduce technical debt while maintaining operational continuity.
  • Recommend secure migration approaches that align legacy capabilities with modern cloud-native architectures.

DevSecOps and Security Operations

  • Embed security into software development and deployment pipelines using Azure DevOps and modern DevSecOps practices.
  • Develop automated security controls supporting source code management, dependency management, container security, infrastructure security, and continuous compliance.
  • Partner with engineering teams to integrate security testing into development workflows using appropriate tools and practices.

Risk Management and Governance

  • Perform ongoing security assessments, threat modeling, and architecture risk analyses.
  • Maintain a comprehensive security architecture map, risk register, and remediation roadmap.
  • Develop cybersecurity policies, standards, technical guidance, and governance processes aligned with NIST Cybersecurity Framework (CSF), NIST Risk Management Framework (RMF), NIST SP 800-53 Rev 5, NIST AI Risk Management Framework (AI RMF), FedRAMP, FISMA, and Zero Trust Architecture.
  • Support Authority to Operate (ATO) activities and security documentation.

Emerging Technology Security

  • Develop security guidance for artificial intelligence and other emerging technologies supporting NHSN modernization.
  • Evaluate risks associated with AI systems, including prompt injection, model security, data protection, supply chain risk, and secure integration patterns.
  • Establish security guardrails enabling responsible adoption of AI capabilities across the organization.

Security Culture and Technical Leadership

  • Develop and deliver cybersecurity education and awareness training for engineering and program teams.
  • Mentor software engineers, cloud engineers, and technical leads on secure engineering principles.
  • Create reusable security standards, design patterns, playbooks, and implementation guidance that establish a consistent security posture across NHSN.
  • Serve as the trusted cybersecurity advisor to program leadership on emerging threats, technology investments, and enterprise security strategy.

Requirements

be a US Citizen or US Person (Green Card Holder) who is currently located in the United States for the current three consecutive years with the ability to obtain a Public Trust Security Clearance., The ideal candidate combines deep software engineering expertise with enterprise cybersecurity architecture experience and knowledge of requisite security frameworks and controls required of government systems and possesses the technical leadership required to establish a proactive, governance-driven security program., * Bachelor's degree in Computer Science, Cybersecurity, Software Engineering, Information Technology, or a related discipline (Master's degree preferred).

  • Minimum of ten (10) years of progressive experience in cybersecurity architecture, secure software engineering, cloud security, or enterprise application security.
  • Demonstrated experience designing and securing enterprise solutions hosted in Microsoft Azure.
  • Strong understanding of Azure security architecture, including identity and access management, networking, platform services, container security, logging, monitoring, encryption, and cloud governance.
  • Significant hands-on software development experience using Java or other modern programming languages.
  • Experience securing cloud-native applications, REST APIs, containerized workloads, and distributed systems.
  • Experience integrating security into Azure DevOps, CI/CD pipelines, and modern software engineering practices.
  • Demonstrated experience performing threat modeling, architecture risk assessments, penetration testing coordination, and secure design reviews.
  • Excellent communication and leadership skills with the ability to influence technical teams and executive stakeholders.
  • Maintain either an ISC2 CISSP or CCSP professional certifications

Preferred Qualifications

  • Experience with technologies such as Quarkus, React, Kubernetes, Azure Databricks, Azure Data Factory, Azure SQL, SAS Viya, and modern Azure platform services.
  • Experience securing enterprise data platforms and analytics environments.
  • Experience supporting federal cloud environments, FISMA compliance, and Authority to Operate (ATO) processes.
  • Familiarity with developer productivity tools such as IntelliJ IDEA, Eclipse, Visual Studio Code, Azure Data Studio, SQL Server Management Studio, Postman, GitHub Copilot, and Azure DevOps.
  • Additional professional certifications such as CISSP and CCSP, Microsoft Certified: Cybersecurity Architect Expert, Microsoft Certified: Azure Security Engineer Associate, Azure Solutions Architect Expert, GIAC, or equivalent credentials.

Desired Characteristics

The successful candidate will possess:

  • Deep technical credibility as both a secure software engineer and cybersecurity architect.
  • An enterprise architect's mindset capable of designing scalable security solutions across cloud, applications, infrastructure, and data platforms.
  • The ability to balance innovation with governance while enabling secure software delivery and performance.
  • Strong systems thinking and the ability to translate complex cybersecurity concepts into actionable engineering guidance.
  • A passion for mentoring teams and establishing a lasting culture of secure engineering.

Benefits & conditions

Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available at www.leidos.com/careers/pay-benefits.

About the company

Leidos is an industry and technology leader serving government and commercial customers with smarter, more efficient digital and mission innovations. Headquartered in Reston, Virginia, with 47,000 global employees, Leidos reported annual revenues of approximately $16.7 billion for the fiscal year ended January 3, 2025. For more information, visit www.Leidos.com.

Apply for this position