Security Architect (GSA)

Job Type: Full Time

Job Description - Security Architect (GSA)

As an experienced Security Architect with a strong background in Federal Government security practices and standards, you will play a critical role in enabling security engineers, liaising with technical leaders, and supporting the security posture of both the organization and the programs you will be engaged in. You will collaborate closely with Security Engineering and Operations teams to mitigate risk and enhance security by implementing robust security strategies and best practices in architecture, governance, operations, and risk management. Your leadership will be pivotal in managing system Authority to Operate (ATO), continuous ATO processes, and directing/supporting security engineers and Information System Security Officers (ISSOs). You will coordinate with various teams to achieve the organization's security objectives.

Implement Security Controls:

Ensure appropriate security controls are in place to safeguard data and critical electronic infrastructure. Respond to planned and unplanned information security activities as necessary.
Security Integration:

Serve as the security SME and liaison with customer ISSOs/ISSMs to ensure the integration of security solutions.
Cloud Security Requirements:

Determine security requirements for cloud platform services and components.
Security and Vulnerability Analysis & Remediation:

Conduct system security and vulnerability analyses and risk assessments; work with product owners, customers, security teams, and other service teams to advise on remediation and track implementation of agreed-on remediations in a timely manner.
Solution Evaluation:

Evaluate the security aspects of solutions proposed by project teams and provide guidance accordingly.
Architect Security Solutions:

Work with various Cloud service models, architect security solutions, manage frameworks for Cloud and on-premises infrastructure and services, and tailor security controls to ensure a secure environment.
DevOps Guidance:

Provide guidance to product owners and DevOps teams in adopting security best practices. Implement static and dynamic scan solutions to minimize security weaknesses.
Documentation:

Develop and maintain information security documentation, including System Security Plans (SSPs) and Authorization & Accreditation (A&A) documentation packages for environment ATOs. Conduct discussions with security teams to address strategic and tactical issues.
Emerging Technologies:

Identify and evaluate emerging security technologies.
Regulatory Compliance:

Interpret and implement regulatory and other directives, frameworks, policies, and executive orders.
Be Proactive:

Be proactive in creating, recommending, and working with teams to lead the implementation of approved security architecture and roadmap items.
Required:

Educational Background:

Requires a bachelor's degree in Information Systems, Business Systems, Management Information Systems, IT Management, or a related IT degree.
Professional Experience:
Minimum of 10 years of related professional experience.
3 to 5 years of experience supporting Federal government programs.
6+ years of experience with core cybersecurity architecture.
4+ years of experience managing FISMA compliance for large systems, actively working with NIST standards, DISA/STIG standards, and maintaining required information security documentation.
RMF Expertise:

Experience with NIST Risk Management Framework (RMF) requirements, processes, and procedures.
DevSecOps:

Demonstrated experience in a DevSecOps environment.
Enterprise-Level Security:

Demonstrated experience in leading enterprise-level cybersecurity efforts, including architecting, designing, developing, and configuring cloud and on-premise systems and software.
Security Controls Implementation:

Experience implementing and maintaining security controls; providing guidance, oversight, and expertise; and developing security documents to support an ATO.
A&A Support:

Demonstrated experience supporting all system A&A activities.
SDLC Knowledge:

Knowledge of Software Development Life Cycle (SDLC) with experience in Agile methodologies.
Certifications:

One or more of the following cybersecurity certifications: CAP, CISSP, CSEC, CICSP, CCSP, CISA, CISM, CSLC
Clearance:

Ability to obtain and maintain a Public Trust clearance.
Prefer Candidates in the Washington D.C. Metropolitan Area
Preferred:

AWS certifications are an advantage
Having led or managed CMMI Level 5 certifications and/or audits is a strong advantage
In accordance with pay transparency guidelines, the proposed salary range for this position is $91,000 to $135,000. Final salary will be determined based on various factors such as relevant skills, experience and certifications.

Find Your Next at Karsun Solutions and transform your career with the company transforming possible for the US Government.

At Karsun, collaboration drives our community. We're committed to building an environment where team members from diverse backgrounds can innovate, learn and grow with us. Here at Karsun, the only limit to your potential is the limit of your curiosity.

And because we know well-being empowers us to thrive, we offer robust and comprehensive benefits including:

Health, Life & Disability Insurance - Medical, Dental, Life and Disability coverage is paid for by Karsun for full time employees.
Paid Parental Leave
401k Retirement Plan - with pre-tax and post-tax ROTH contribution offerings and immediate vesting with a per pay period match
Generous time off programs including 11 paid holidays per year
Supplemental plans such as Vision, Pet Insurance and 529 Savings Plan
Employee Assistance Program with behavioral health, physical wellness and financial advice
Employee Discounts & Perks
In-house Technical/Skills Training

Join Team Karsun and Find Your Next.

Karsun Solutions is an Equal Employment Opportunity (EEO) employer. It is the policy of the Company to provide equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran or disabled status, or genetic information.

Karsun does not accept unsolicited resumes through or from search firms or staffing agencies. All unsolicited resumes will be considered the property of Karsun and Karsun will not be obligated to pay a placement fee.
Original job Security Architect (GSA) posted on GrabJobs ©. To flag any issues with this job please use the Report Job button on GrabJobs.
Location: New York, New York