Senior Security Architect
idexcel
About the role
Job Title
Senior Security Architect/ InfoSec Architect V
Location
Reston, VA/hybrid
Duration
Long Term
Overview
Hiring for a Senior Information Security Architect position primarily focusing on AWS.
This position requires deep expertise in Information Security principles including Business Security Architecture, Threat Modelling, Data Security (data encryption, masking, tokenization, data access controls), AWS Cloud and Systems architecture.
This individual must be able to architect and ensure the security and compliance of the cloud environments based on enterprise cloud security policies, standards, procedures and industry best practices and frameworks (NIST, OWASP).
This is potentially a contract-to-hire position after 6 months (not necessarily, but the option is needed).
The candidate is expected to come to the Reston office three times a week.
Self‑starter and Senior Architect who can lead the AWS Security architecture program in multiple projects simultaneously by collaborating with numerous stakeholders (Product owners, Enterprise Architect).
Must Have
1. Public Cloud: AWS Experience
- Deep expertise and proven track record in AWS Architecture and AWS Services (Compute, IAM, RDS, Resource Policies, Network, Messaging, Data Storage, CI/CD, AI/ML, ETL, Serverless, ECS/EKS).
- Experience with AWS security pillars, best practices and well‑designed architecture.
- Experience in AI/ML is preferable.
2. Information Security Architecture
- Key experience: Application security, Threat Modelling, API Security, DevSecOps, Pipeline security, Infrastructure security, AuthN/Z, Encryption, Key Management, Data discovery and encryption, SIEM, CSPM, CWPP, Access Controls, Container Security.
- Industry security standards and frameworks (OWASP, NIST, CIS, FedRAMP, ISO, SOX, etc.).
- Experience designing architectures based on security standards and threat‑modeling the designs to identify issues and design mitigating controls.
3. Systems Architecture
- Key experience: System Design, API‑Driven architecture, Open Standards, stateless, Resiliency, High Availability, System and SaaS Integrations.
Nice to Have
- AWS advanced Certification (Professional, Specialty)
- Certified Information Systems Security Professional (CISSP)
- Certified Cloud Security Professional (CCSP) or equivalent
Requirements
- Public Cloud: AWS Experience
- Deep Expertise and proven Track record in AWS Architecture and AWS Services (Compute, IAM, RDS, Resource Policies, Network, Messaging, Data Storage, CI/CD, AI/ML, ETL, Serverless, ECS/EKS)
- Experience with AWS security pillars, best practices and well designed architecture
- Application security
- Threat Modelling
- API Security
- DevSecOps
- Pipeline security
- Infrastructure security
- AuthN/Z
- Encryption
- Key Management
- Data discovery and encryption
- SIEM
- CSPM
- CWPP
- Access Controls
- Container Security
- Industry security standards and frameworks (OWASP, NIST, CIS, FedRAMP, ISO, SOX, etc.)
- Experience designing architectures based on security standards and threat-modeling the designs to identify issues and design mitigating controls
- System Design
- API Driven architecture
- Open Standards
- stateless
- Resiliency
- High Availability
- System and SaaS Integrations
Responsibilities
- Architect and ensure the security and compliance of the cloud environments based on enterprise cloud security policies, standards, procedures and industry best practices and frameworks (NIST, OWASP)
- Lead the AWS Security architecture program in multiple projects simultaneously by collaborating with numerous stakeholders (Product owners, Enterprise Architect)