Security Solutions Architect

Essential Duties and Responsibilities:

- Determines security requirements by assessing business strategies and requirements, researching information security standards, conducting system security and vulnerability analyses and risk assessments, studying architecture/platform, and identifying integration points and issues
- Develops requirements and strategies to address information security needs and oversees projects through the implementation phase
- Works with the various information security team members and information technology teams to ensure changes to new or existing technologies are assimilated and functioning correctly
- Defines security requirements for information technologies and solutions
- Partners with other technical architects within the company to ensure consistency with enterprise architecture processes and practices
- Ensures that information security controls are designed and implemented to meet all regulatory and/or contractual requirements
- Research new and emerging technologies to evaluate technical trends and requirements
- Provides subject matter expertise and assists with collection of artifacts in support of internal and/or external compliance activities
- Develops and fosters strategic relationships and establishes key organizational partnerships
- Establishes collaborative working relationships with internal and external business partners and clients to ensure that technology solutions align with security architecture and business strategy
- Performs other related duties as assigned

Job Specific Duties:

- Provide security architecture and technical security guidance to solution owners, with primary engagement across OCTO (AIA / Solution Architects) and Business Development teams

- Act as a technical ISO stakeholder in Enterprise Risk and Assurance activities

- Translate security requirements, standards, and controls into clear, actionable guidance for technical and non-technical stakeholders

- Identify architectural and solution-level security risks and collaborate with stakeholders to define appropriate mitigating controls

- Communicate upcoming initiatives, solution designs, and security or compliance considerations to ISO leadership

- Ensure proposed designs align with enterprise security standards, internal controls, and applicable regulatory requirements

- Document security architecture decisions, identified risks, and accepted exceptions to support audit and assurance activities

- Identify recurring architectural risk patterns and escalate systemic issues to ISO leadership for remediation planning

Minimum Requirements


- Please refer to the additional information section of the job requisition for this opening to determine clearance eligibility required.

- Bachelor's Degree in Computer Science, Information Systems, or the equivalent combination of education, training, or work experience
- Professional security certification such as CISSP or CCSP is desired
- Seven (7) or more years of experience in information technology

- Security Engineering or Security Architecture experience in a FEDERALLY focused environment is required.

- Federal compliance frameworks and regulatory requirements

-Enterprise level internal controls and security standards


- Compliance and assurance requirements across regulated environments


- Security architecture principles, patterns, and risk-based design approaches


- Understanding of how business objectives, contracts, and regulatory obligations influence security architecture decisions


- Ability to communicate complex security concepts clearly to diverse audiences


- Ability to travel up to 10%, based on the business need.

Must have experienced with:

NIST 800-53 Security and Privacy Controls for Information Systems and Organizations

NIST 800-171 Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations

Other preferred NIST 800 Series experience:


NIST SP 800-160v1r1 Engineering Trustworthy Secure Systems


NIST SP 800-218 Secure Software Development Framework (SSDF)


NIST 800-207 Zero Trust Architecture


NIST 800-128 Guide for Security-Focused Configuration Management of Information Systems


NIST 800-58 Security Considerations for Voice Over IP Systems


NIST 800-39 Managing Information Security Risk: Organization, Mission, and Information System View


NIST 800-37 Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy


NIST SP 800-46 Guide to Enterprise Telework, Remote Access, and Bring Your Own Device (BYOD) Security


NIST Privacy Framework


Configuration Standards Experience Preference:


Center for Internet Security (CIS) Benchmark


Security Content Automation Protocol (SCAP) Benchmark


NIST Security Configuration Checklist


Defense Information System Agency (DISA) Security Technical Implementation Guides (STIGs)


Defense Information System Agency (DISA) Security Requirements Guides (SRGs)


National Security Agency (NSA) Guides


#maxcorp

EEO Statement


Maximus is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, age, national origin, disability, veteran status, genetic information and other legally protected characteristics.


Pay Transparency


Maximus compensation is based on various factors including but not limited to job location, a candidate's education, training, experience, expected quality and quantity of work, required travel (if any), external market and internal value analysis including seniority and merit systems, as well as internal pay alignment. Annual salary is just one component of Maximus's total compensation package. Other rewards may include short- and long-term incentives as well as program-specific awards. Additionally, Maximus provides a variety of benefits to employees, including health insurance coverage, life and disability insurance, a retirement savings plan, paid holidays and paid time off. Compensation ranges may differ based on contract value but will be commensurate with job duties and relevant work experience. An applicant's salary history will not be used in determining compensation. Maximus will comply with regulatory minimum wage rates and exempt salary thresholds in all instances.


Accommodations
Maximus provides reasonable accommodations to individuals requiring assistance during any phase of the employment process due to a disability, medical condition, or physical or mental impairment. If you require assistance at any stage of the employment process-including accessing job postings, completing assessments, or participating in interviews,-please contact People Operations at View email address on click.appcast.io .


Minimum Salary


$


134,215.00


Maximum Salary


$


181,585.00