What are the responsibilities and job description for the Cybersecurity Architect position at CNA?
JOB DESCRIPTION AND / OR DUTIES
Develop and maintain internal network and cloud security architecture blueprints, ensuring full compliance with CMMC, FedRAMP Moderate and High, DoD SRG, NIST 800-53r5, NIST 800-171, and other applicable federal regulations.
Evaluate and integrate emerging security technologies and solutions to address the unique challenges of cloud environments and evolving threats.
Design and implement security controls tailored to FedRAMP Moderate, FedRAMP High, and DoD IL4/5 requirements to protect sensitive and classified information.
Define security standards and guidelines for cloud service selection, implementation, configuration, and ongoing management.
Work closely with the CSO, CISO, CTO and IT leadership to implement the cloud security strategy, ensuring alignment with agency mission objectives and CMMC, FedRAMP and DoD IL4/5 compliance.
Collaborate with project teams to integrate security requirements into the entire cloud system lifecycle, from design and development to deployment and operations.
Oversee the implementation and configuration of security solutions within cloud environments, ensuring their effectiveness and adherence to federal standards.
Develop and implement risk mitigation strategies and security controls to address identified risks within cloud environments.
Monitor and evaluate the effectiveness of risk mitigation efforts, reporting findings to senior leadership and ensuring continuous improvement.
Perform other duties as assigned.
JOB REQUIREMENTS
Education: Bachelor’s degree in Computer Science, Risk Management, Engineering, or a related field, or an equivalent combination of education and work experience. Advanced degree and industry certifications (CISSP, CISM, CCSP, CCSK, etc.) preferred.
Experience: Minimum of 10 years of experience in information security, with a strong focus on cloud security architecture and design.
Skills: Deep understanding of CMMC, FedRAMP, DoD SRG, NIST 800-53r5, NIST 800-171, and other applicable federal regulations and guidelines. Strong understanding of cloud service models (IaaS, PaaS, SaaS) and deployment models (public, private, hybrid). Ability to work on complex problems and provide highly creative solutions. Excellent communication, collaboration, and leadership skills.
Other: Able to lift 30 lbs. (e.g., computer and network equipment). Due to the nature of the work, some on-call availability outside of normal working hours.
Clearance: Must be able to obtain and maintain Top Secret clearance.
Hybrid Work Eligibility: This position is eligible for hybrid work arrangements at the discretion of the Supervisor. Employees may be required to work at CNA headquarters or other work locations resulting in changes to the scheduled hybrid work arrangements.