Delivery | United States

Cybersecurity Enterprise Architect III - Federal Practice (Remote)

Who We Are

Trek10 builds and manages massively scalable cloud architectures using cutting-edge AWS technologies. Headquartered in South Bend, IN, we have a local footprint but operate with a global reach. Today we have customers on four continents and from coast to coast in the United States and a global brand for deep expertise. We are a Premier Tier AWS Consulting Partner with the following AWS Partner Competencies: DevOps, Migration, IoT, and SaaS. We have a focus on designing and building serverless / cloud native and IoT systems, DevOps automation, and providing 24/7 AWS infrastructure support. We are pioneering the future of cloud computing and having a lot of fun while we do it!

To better understand the type of cutting-edge work we do for our clients, please take a look at some of our case studies.

Cybersecurity Enterprise Architect III - Federal Practice [Remote]

Trek10 is looking for Cybersecurity Architects to work in a fast-paced environment providing cybersecurity design, direction, and engineering for application and platform teams building cloud native and containerized DevSecOps patterns. At Trek10, security is “job zero,” which means it is more important than any number one priority. The cloud is a shared responsibility model where the cloud provider (AWS) is responsible for the security OF the cloud while the customer/partner is responsible for security IN the cloud.

As a Cybersecurity Architect, your role is to provide guidance, direction, and training while leading efforts to ensure compliance with the appropriate risk framework(s). This role is more than just a paper and process exercise: you’ll work with platform teams as they focus on building automation, guardrails, and sustainable patterns that help others deliver more and faster. You will be instrumental in building and maintaining a collaborative culture when it comes to security. At Trek10, architects are the expert guides in the organization, discovering, designing, educating, leading, and gathering buy-in for the platforms and systems that are relied upon by our clients and Trek10 itself. This is a complex role that will enable as well as challenge you to grow your skills, both technical and non-technical. Joining this role provides you the opportunity to work with a diverse team of Trek10 architects and engineers that are building the future. This role includes, but is not limited to, the following:

Responsibilities:

  • Set goals, outcomes, and manage accountability
  • Develop and provide workforce awareness training/briefings on information security standards, policies, processes, and best practices as needed
  • Define security requirements and work for platform/engineering teams to successfully deliver on new security services for our customers
  • Develop and perform developer-focused training in support of security program goals
  • Coordinate the work of junior team members performing routine and non-routine tasks within the security program.
  • Develop, review, and critique assessment and authorization (A&A) documentation in compliance with DoD Cybersecurity policy and agency guidance, including DoD, ICD, CNSS, and NIST special publications.
  • Research and identify best practices to harden and secure cloud workloads including cloud native, containers, and Kubernetes clusters at scale
  • Work with the security governance team to develop and interpret security standards, and build automated and self-service capabilities that validate application security and compliance status against these standards
  • Design vulnerability scans of cloud-based and mobile applications and infrastructure to identify weaknesses, coordinate with app teams to confirm validity of findings, and recommend and assist with mitigations as needed.
  • Assist development teams in defining and updating application threat models and in interpreting security policies, standards, and control requirements.
  • Identify mobile security process gaps, and propose and implement process and technical solutions to close gaps.
  • Advise security governance stakeholders on current and projected technical security risks, and recommend mitigation strategies to control risk.
  • Provide technical and non-technical security engineering assistance in support of maintaining existing ATO, Continuous Authorization, and in obtaining app-specific ATOs where necessary.
  • Implement enterprise security solutions such as WAF and SIEM
  • Support development and implementation of innovative methods to achieve compliance with government and commercial cybersecurity frameworks.
  • Identify, engineer, and build/update/integrate new and existing security tooling, including cloud-native services
  • Develop, update, and/or review RMF documentation to include Security Plans, Implementation Plans, Plans of Action and Milestones (POA&Ms), and Security Assessment Reports
  • Identify and advise on technical security requirements, review and approve security architecture and control implementations
  • Ensure platform and networks are compliant with DoD policies
  • Research security standards/tools

Requirements:

In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification form upon hire.

The ideal candidate will have:

  • Bachelor's Degree or 8 years of experience in IT / cybersecurity
  • 4+ years of experience in AWS or other public cloud environments
  • CSSLP (preferred) or CASP+ certifications
  • Experience with scripting languages and tools (Bash, PowerShell, etc.)
  • Experience using a modern programming language such as Python, Node.js, TypeScript, Go, Java, C#, Rust, etc.
  • Experience working with software and app teams throughout the full Software Development Lifecycle (SDLC)
  • Code-defined infrastructure, configuration management tools, and CI/CD
  • AWS security tooling for scanning, monitoring, and alerting (Inspector, CloudTrail, CloudWatch, GuardDuty, Lambda, Security Hub)
  • A thorough understanding of operational best practices for security in the cloud
  • Containerization patterns with services like ECS, EKS, Fargate, Kubernetes, etc.
  • Proven experience building security reference architecture for all-in AWS cloud deployments
  • Expert-level knowledge of network and web-related protocols (e.g., TCP/IP, UDP, IPsec, SSL, HTTP, HTTPS, routing protocols)
  • Experience and a deep understanding of the application of security, risk, and compliance frameworks (RMF, FedRAMP, DoD CC SRG, NIST 800-53, NIST 800-171)
  • You are comfortable working independently as well as in a collaborative team environment, as the situation demands
  • Effective verbal and written communication skills
  • Experience in large-scale enterprise IT environments
  • Experience in a consultative, client-facing consulting role
  • Previous or current experience with Federal / Government stakeholders
  • Previous experience providing training in RMF or explaining cybersecurity concepts to others in a training-like environment
  • You know how and when to apply NIST Risk Management Framework, NIST 800-53, and DISA STIGs, including the Application Security and Development STIG

Strongly preferred:

  • DOD IAT II or higher certification
  • AWS Professional Level and Security Specialty Certification
  • Experience with Cloud Native patterns with services like AWS Lambda
  • Experience in large-scale enterprise IT environments
  • Experience in a consultative, client-facing consulting role
  • Previous or current experience with Federal / Government stakeholders
  • Active Secret security clearance

Benefits:

  • Be challenged. Work with a team of super bright individuals. Work in a rapidly evolving industry that is growing at blazing speed.
  • Flexibility. Like to work from home? In your closet? In the shower? If you get the job done, go for it.
  • Have fun—Trek10 is home to great people.
  • Get paid. Of course. We have competitive salaries, medical insurance, and other benefits available.
  • Robust training and continuous learning environment and support.
  • Develop a skill set that will set you up for long-term professional growth and development.