Cyber Security Architect

Role: Cybersecurity Architect

Location; Rockville, MD (Hybrid, 3 days Onsite)

Experience: 15 years Must

Only Locals & US Citizens for this role

Job Summary

The Cybersecurity Outcome Transformation Technical Advisor is a senior-level strategic and technical role supporting U.S. federal government clients in the design, execution, and measurement of cybersecurity transformation programs. Operating within a government contracting environment, this role serves as a trusted technical advisor embedded with federal agency stakeholders — bridging mission-critical objectives with modernized security capabilities. The ideal candidate brings deep federal compliance expertise, and a proven track record of delivering outcome-driven results within the constraints of government acquisition and policy frameworks.

Key Responsibilities

Strategic Advisory & Transformation Planning

• Lead cybersecurity transformation engagements across federal civilian, HHS NIH NIAID agencies, aligning security investments to agency mission outcomes and federal mandates.
• Develop and own comprehensive transformation roadmaps addressing people, process, and technology in accordance with federal acquisition and budget cycles (e.g., PPBE, FITARA).
• Translate agency-specific security requirements and risk tolerances into actionable strategies, milestones, and performance metrics reportable to agency leadership and oversight bodies (e.g., OMB, GAO, Congress).
• Advise agency stakeholders on evolving federal cybersecurity policy including Executive Orders (e.g., EO 14028), OMB Memoranda (e.g., M-21-31, M-22-09), CISA directives, and NSM-8.

Technical Leadership & Architecture

• Provide hands-on technical guidance across federal cybersecurity domains including Zero Trust Architecture (ZTA), Identity, Credential, and Access Management (ICAM), SOC/SIEM modernization, Cloud Security (FedRAMP), Endpoint Detection & Response (EDR), Data Protection, and OT/ICS security.
• Lead the design and implementation of Zero Trust architectures aligned to CISA's Zero Trust Maturity Model.
• Conduct security architecture reviews, threat modeling, and ATO (Authority to Operate) support in alignment with NIST RMF and FISMA requirements.
• Evaluate and recommend security technologies operating within FedRAMP-authorized product boundaries.
• Support continuous monitoring strategies using tools consistent with CDM (Continuous Diagnostics and Mitigation) program requirements.

Outcome Measurement & Value Realization

• Define and implement outcome-based metrics, security scorecards, and dashboards that satisfy federal reporting requirements (e.g., CIO FISMA metrics, CDM dashboards, OMB cybersecurity cross-agency priority goals).
• Conduct maturity assessments using frameworks such as NIST CSF, C2M2, CMMC, and CISA's Cyber Performance Goals (CPGs).
• Develop business cases and should-cost models for cybersecurity investments aligned to federal budget justification formats.
• Track and report transformation progress to agency CISOs, CIOs, Deputy Secretaries, and program oversight stakeholders.

Stakeholder Engagement & Executive Communication

• Serve as a primary technical advisor to agency CISOs, CIOs, Program Managers, and Contracting Officer Representatives (CORs).
• Facilitate working groups, integrated product teams (IPTs), and executive steering committees within federal environments.
• Prepare and deliver briefings, white papers, technical evaluation reports, and Congressional-level summary documents as required.

Program & Compliance Management

• Manage cybersecurity transformation task orders or programs under contract vehicles such as GSA Schedules, SEWP V, CIO-SP4, OASIS , or agency-specific IDIQs.
• Ensure all deliverables comply with applicable federal regulations including FISMA, FedRAMP, DFARS 252.204-7012, and NIST SP 800-series publications.
• Identify, assess, and manage program risks, issues, and dependencies in accordance with agency PMO standards and EVM (Earned Value Management) requirements where applicable.
• Support supply chain risk management (SCRM) activities in alignment with NIST SP 800-161 and agency SCRM policies.

Required Qualifications

Area

Requirements

Clearance

Public Trust

Citizenship

U.S. Citizenship required

Experience

10 years in cybersecurity; 5 years in a federal advisory, consulting, or program leadership role

Federal Frameworks

Deep expertise in NIST RMF, FISMA, FedRAMP, NIST SP 800-53, NIST CSF, and Zero Trust

Technical Depth

Proficiency in 3 domains: ICAM, Cloud Security, SOC/SIEM, CDM, OT/ICS, Endpoint Security

Communication

Ability to brief senior federal officials, SES-level leadership, and oversight bodies

Preferred Qualifications

• Industry certifications: CISSP, CISM, CAP (Certified Authorization Professional), CISA, PMP, CGRC
• Experience supporting CMMC compliance, or IC ICD 503 assessment and authorization processes
• Familiarity with Zero Trust Strategy, NSM-8, and DISA STIGs
• Background with CDM program tools and CISA integration requirements
• Experience with OT/ICS/SCADA security in federal critical infrastructure environments
• Knowledge of AI/ML security risks and emerging technology policy implications in federal contexts
• Prior experience as a federal employee, military officer, or embedded contractor within a federal agency

Core Competencies

• Mission Alignment – Connects cybersecurity outcomes directly to federal agency mission effectiveness and national security objectives
• Regulatory Fluency – Navigates the complex federal compliance landscape with confidence and accuracy
• Technical Credibility – Earns trust from agency engineers and architects while advising at the SES and executive level
• Outcome Orientation – Drives measurable, time-bound results within government acquisition and funding constraints
• Stakeholder Navigation – Builds consensus across government, contractor, and inter-agency stakeholder environments
• Clearance Accountability – Demonstrates strict adherence to information handling, classification, and security protocols

Work Environment & Travel

• On-site presence at federal agency facilities required; frequency dependent on contract requirements
• Work locations may include Washington D.C. Metro Area, Northern Virginia, Maryland

This role is ideal for a cybersecurity professional with deep federal domain knowledge who can navigate the unique intersection of government policy, mission requirements, and technical transformation — delivering security outcomes that protect national interests and modernize federal cyber defences.