Abile Group is seeking a Security Architect SME to join our rapidly growing and innovative cybersecurity team!

The candidate will lead the development of security architecture guidance, standards, and reference diagrams for on-premise and cloud platforms and systems. This is an exciting role to support both macro and micro security design for a large government agency. The successful candidate will support the design of Zero Trust security architectures and their associated guidance, working in iterations to tighten least privilege access controls and automate Zero Trust controls.

• Develops and aligns system security architectures with organizational cybersecurity guidelines, including defining security boundaries, documenting system categorization, and analyzing user needs and requirements.
• Develops focused guidance for specific security mechanisms such as encryption for data at rest.
• Assesses and evaluates security postures, reviews candidate architectures, identifies protection needs, and determines how new systems or interfaces impact enterprise security.
• Identifies and documents security and privacy requirements, including types of personal information, stakeholder interests, and data that require protection, ensuring proper allocation at both system and organizational levels.
• Supports acquisition and procurement efforts by providing input on security requirements for statements of work, project costs, and translating proposed capabilities into technical specifications.
• Contributes to risk management and compliance, performing architecture reviews, identifies security gaps, supports RMF activities, and maintains documentation throughout the acquisition lifecycle.
• Provides high-quality technical, engineering, analytical, and planning support to meet the organization's requirements.
• Performs architectural review and analysis, developing strategic enterprise solutions that address the evolving business requirements and changing cybersecurity threat landscape.
• Develops and delivers reports (e.g., reference architectures, white papers, roadmaps, architecture risk analysis) to facilitate the following, including but not limited to:
  • Define and develop security architecture and engineering standards.
  • Develop business use cases and design patterns to articulate the organization's goals and objectives.
  • Document the current “as-is” through a holistic review of the agency enterprise.
  • Develop an envisioned target “to-be” based on the agency's needs and threat models.
  • Assess the gaps between “as-is” and “to-be”, and provide roadmaps to close gaps.
  • Develop baselines and reference architectures consistent with standard frameworks.
  • Perform Architect Risk Analysis (ARA) through systematic and comprehensive reviews.
  • Identify, integrate, mature, and communicate key concepts that define continued direct interaction with the agency’s technical and operational leadership.
  • Identify, frame, and support the resolution of critical issues impacting the organization.
  • Update artifacts periodically to meet regulatory, audit, and compliance requirements.

This position allows for 100% remote work. Remote work requires a high level of trust in our employees, and we strictly adhere to the details outlined in our Remote Work Policy below. 

Remote Work Policy 

Remote work necessitates a high level of trust in our employees. To ensure that employee performance does not suffer in a remote work environment, all employees who telecommute are expected to have a quiet and distraction-free workspace with adequate internet, dedicate their full attention and availability to their job duties during working hours, and maintain a schedule during core business hours that align with those of their coworkers and clients. In alignment with our inclusive and engaging environment, cameras are encouraged and can be required to be on during virtual video conferences. Additionally, in alignment with the Office of the Inspector General’s effort to eliminate conflicting employment, all employees are required to disclose any current or future outside employment engagements. During onboarding and throughout employment, employees must disclose any current activities or intent to engage in outside employment or other professional activities and obtain written approval.  Employees may not solicit or conduct any outside business during core business hours for the company and our clients.

Degree and Years of Experience: 7+ years of experience designing security architectures by referencing NIST security controls, agency policy, and government-wide security requirements. This experience must include the design of on-premise and cloud security fabrics for all layers of the system (application down to CSP).

• 2+ years of experience designing Zero Trust Architectures to secure cloud and on-premise systems.

Desired Relevant Certifications:

• CompTIA Advanced Security Practitioner (CASP)
• CompTIA Cloud Essentials
• Comptia Cloud+
• Comptia Security+
• EC-Council Certified Network Defense Architect (CNDA)
• EC-Council Certified Ethical Hacker (CEH)
• GIAC Continuous Monitoring Certification (GMON)
• GIAC Security Expert (GSE)
• ISC2 Certified Cloud Security Professional (CCSP)
• ISC2 Certified Information Systems Security Professional (CISSP)
• ISC2 CISSP Information Systems Security Architecture Professional (CISSP-ISSAP)
• ISC2 CISSP Information Systems Security Engineering Professional (CISSP-ISSEP)
• ISC2 Systems Security Certified Practitioner (SSCP)

Required Skills:

• Experience designing security architectures hosted in Microsoft Azure, using a combination of Azure-native services and COTS tooling.
• Experience assessing/reviewing security architectures, writing reports with detailed explanatory findings, and providing briefings on your findings.
• Developing security architecture guidance to include policy language, Standard Operating Procedures, and as-code hardening standards.
• Extensive knowledge of NIST 800- 53rev5 and other NIST Special Publications.
• Current knowledge of government-wide security mandates and CISA Directives.
• Ability to define and document system security boundaries and categorize systems based on security and privacy requirements.
• Skilled in analyzing user needs to inform and guide secure architecture planning.
• Proven ability to assess and evaluate enterprise security postures and identify impacts from new systems or interfaces.
• Experience developing technical documentation, including written documents and diagrams.
• Experience developing presentation slide decks and presenting to technical and non-technical personnel.
• Experience identifying and documenting system and organizational security and privacy requirements, including personal data handling.
• Familiarity with identifying and protecting enterprise and system-level security data.
• Ability to collaborate with stakeholders and translate functional needs into technical security requirements.
• Ability to support cost estimation and technical guidance related to secure system design and changes.
• Skilled in identifying gaps in security architecture and contributing to the development of security risk management plans.
• Proficiency in documenting and updating security architecture throughout the system development and acquisition lifecycle.

Abile Group LLC was formed in July 2004 to partner with the Intelligence Community and their Contractors in the areas of Enterprise Analytics & Performance Management, IT & Systems Engineering and Program & Project Management. We have significant experience with the Federal Government and are an EDWOSB dedicated to our employees and clients.  We are looking for high performing employees who enjoy providing advice and guidance along with solutions development and implementation support, crafted by combining industry best practices with the clients’ subject matter experience and Abile’s breadth of expertise. 

Abile is committed to hiring the most qualified and best fit person for the job - always has, always will. Anyone requiring reasonable accommodations should email careers@abilegroup.com with requested details. A member of the HR team will respond to your request within 2 business days.

Please review our current job openings and apply for the positions you believe may be a fit. If you are not an immediate fit, we will also keep your resume in our database for future opportunities.