Cybersecurity Infrastructure Lead Architect

Description

Job Description:

Leidos' Cybersecurity Architecture and Engineering (CAE) has an immediate need for a Cybersecurity Infrastructure Lead Architect. Office locations are in Reston-VA, Orlando-FL, or Gaithersburg-MD, or full-time teleworking options are available.

The Cybersecurity Infrastructure Lead Architect is a senior technical leadership position within Leidos. The role has two core missions. The first is to support the design, development, deployment processes of perimeter, endpoint, cloud, and mobile security initiatives by leading a small team of subject matter experts (SMEs) with depth in each domain. The second is to work with other seasoned Architects and Engineers to design, build, and protect Leidos’ Global AWS Infrastructure. A portion of the role focuses on developing and implementing Leidos' cloud defense strategy in AWS and balancing customer needs with security best practices.

The role requires solid foundations in architecture fundamentals and DFARS/NIST 800-171 regulatory compliance, and AWS Gov Cloud infrastructure and services. In addition, the role’s responsibilities include designing cybersecurity into Leidos Corporate Infrastructure Technology projects and programs through requirements generation, validating/creating environment architectures, and completing System Security Plans (SSPs).

Primary Responsibilities

• Provide technical and functional leadership within CAE and act as a technical subject matter expert within Infrastructure and IT for a small team of direct reports.
• Act as a technical cybersecurity AWS subject matter expert (SME) to meet current and future security design, and architecture requirements for IaaS, PaaS, and SaaS implementations.
• Be a SME in the AWS capabilities, APIs, and shared security models for Leidos' enterprise cloud deployment
• Work with fellow architects and engineers within CAE to evaluate corporate programs and projects for architecture security gaps, security best practices, and ensure regulatory controls are technically enforced. Create cybersecurity designs that meet those requirements to defend Leidos environments globally.
• Work with Platform Security Engineering and Operations, Leidos Enterprise Applications, and Leidos Architecture and Engineering to ensure technical cybersecurity requirements are defined and met.
• Develop cybersecurity infrastructure technical roadmaps to drive continuous cyber transformation and improvements in Leidos’ overall defense posture.
• Be a driving force in infrastructure transitions stemming from the creation of CMMC 2.0 guidelines.

Basic Qualifications

• Bachelor's degree and 8 to 15 years of experience in Information Security with a real passion for the field. Additional years of relevant experience, training, and/or professional certifications will qualify in lieu of a degree
• Must be able to obtain a Security Clearance and therefor have US citizenship. Individuals do not need to possess a clearance today.
• Must have a demonstrated track record of extensive cybersecurity experience in multiple CISSP security domains (Endpoint, Network, IaaS, Mobile).
• Experience assessing architectures for regulatory compliance and integrating those environments into an enterprise.
• Experience and comfort in taking strategic intents and driving technical organizational change
• Demonstrated experience with AWS services, APIs, and best practices.
• Foundational understanding of Hybrid Cloud/on-premises security best practices and experience using VPC configurations to effectively isolate environments.
• Ability to write and verbally communicate information security and risk-related concepts effectively to both technical and non-technical audiences.
• Demonstrate poise and creativity while working with other architects in different domain spaces to come to a common solution.

Preferred Qualifications

All of the below are not requirements, but would bring significant value to the team:

• Information security experience with DoD and/or Intelligence Community as an employee or contractor.
• knowledge of NIST 800-171 or NIST 800-53 would be a plus
• Experience in Identity and Access Management
• Designing/creating architectures for projects or programs with enterprise impact.
• Previous experience managing and leading a technical team. The ability to lead, influence, and guide others is essential.
• Experience securing common enterprise cloud applications (SaaS) to include enforcing 3rd party MFA solutions.
• Experience integrating security controls and logging from cloud environments to provide a holistic enterprise security view.
• Experience authoring enterprise cloud security policies and establishing an enterprise cloud security strategy.

Experience deploying or maintaining cloud access security broker (CASB) or Secure access service edge (SASE) solutions.

Pay Range:

#Remote