IT Principal Enterprise Architect - United States - 26041 - Maximus

General information

Job Posting Title

IT Principal Enterprise Architect

Date

Friday, October 25, 2024

City

Remote

Country

United States

Working time

Full-time

Description & Requirements

The Federal Enterprise Architect specializes in designing, implementing, and maintaining secure cloud environments that meet the stringent requirements of FedRAMP Moderate and High, CMMC, and DoD Impact Levels 4/5. This role ensures that the agency's cloud-based systems and applications adhere to federal mandates, industry best practices, and evolving threat landscapes. The Federal Security Architect works collaboratively with the CDIO, CISO, Technology & Innovation, IT leadership, and various stakeholders to develop and maintain a robust security architecture framework that effectively safeguards sensitive government data and critical infrastructure.

Essential Duties and Responsibilities:
- Ensure all the resources and support for hardware and hardware modernization, and the addition of new capabilities to meet the government requirements, and to leverage technological advances, improve system capability, reliability, and extend system life.
- Manage a small team of system and application engineers.
- Provide a variety of technical support analysis and integration required.
- Provide subject matter expertise and guidance to both business and technical teams on the overall solution architecture.
- Perform Gap Analysis of current and targeted system operating environments.
- Provide a technology roadmap for maintaining and improving services provided to the external customers.
- Provide forward leading solution enhancements to the business that support both cost and quality competitiveness.
- Work effectively and efficiently with other departments and senior leadership (e.g. Capture Management Team, IT Infrastructure, Information Security, and Application Development) to ensure all needs are included in the overall architecture.
- Assist in proposal writing and business development as required, such as understanding overall federal business needs, product/service strategic direction, MAXIMUS operations, federal policy requirements and business development strategy.

· Security Architecture Design:

o Develop and maintain the cloud security architecture blueprint, ensuring full compliance with CMMC, FedRAMP moderate and high, DoD SRG, NIST800-53r5, NIST800-171, and other applicable federal regulations.

o Evaluate and integrate emerging security technologies and solutions to address the unique challenges of cloud environments and evolving threats.

o Design and implement security controls tailored to FedRAMP Moderate, FedRAMP High, and DoD IL4/5 requirements to protect sensitive and classified information.

o Define security standards and guidelines for cloud service selection, implementation, configuration, and ongoing management.

· Security Strategy Implementation:

o Work closely with the CISO and IT leadership to implement the cloud security strategy, ensuring alignment with agency mission objectives and CMMC, FedRAMP and DoD IL4/5 compliance.

o Collaborate with project teams to integrate security requirements into the entire cloud system lifecycle, from design and development to deployment and operations.

o Oversee the implementation and configuration of security solutions within cloud environments, ensuring their effectiveness and adherence to federal standards.

o Conduct continuous security architecture reviews and assessments to identify areas for improvement and address compliance gaps.

· Risk Management:

o Collaborate with risk management teams to identify, assess, and prioritize security risks based on CMMC, FedRAMP, and DoD IL4/5 guidelines and the unique risks associated with cloud computing.

o Develop and implement risk mitigation strategies and security controls to address identified risks within cloud environments.

o Monitor and evaluate the effectiveness of risk mitigation efforts, reporting findings to senior leadership and ensuring continuous improvement.

· Incident Response:

o Participate in the cloud incident response process, providing technical expertise and guidance in accordance with CMMC, FedRAMP, and DoD IL4/5 incident response protocols.

o Analyze cloud security incidents to identify root causes and recommend corrective actions to prevent future occurrences.

o Contribute to the development and enhancement of cloud incident response plans, ensuring alignment with FedRAMP/DoD requirements and best practices.

· Leadership and Collaboration:

o Provide technical leadership and mentorship to security architects and engineers working in CMMC, FedRAMP, DoD IL4/5 environments.

o Foster a collaborative environment across IT, cloud service providers, and other stakeholders to promote security awareness and adoption.

o Communicate effectively with stakeholders at all levels, ensuring clear understanding of complex cloud security requirements and their implications.

Minimum Requirements

- Bachelor's degree in related field.
- 10-12 years of relevant professional experience required.
- Equivalent combination of education and experience considered in lieu of degree.

· Education: Bachelor's degree in Computer Science, Information Security, or a related field. Advanced degree preferred.

· Experience:

o 10+ years of experience in information security, with a strong focus on cloud security architecture and design.

o Demonstrated experience in designing, implementing, and managing secure cloud environments in compliance with CMMC, FedRAMP Moderate and High, and DoD IL4/5.

· Certifications: CISSP, CISM, CCSP, CCSK, or other relevant security certifications are highly preferred.

· Clearance: Must be able to obtain and maintain a security clearance appropriate for the agency's requirements.

· Skills:

o Deep understanding of CMMC, FedRAMP, DoD SRG, NIST800-53r5, NIST800-171, and other applicable federal regulations and guidelines.

o Expertise in cloud security technologies and best practices, including cloud access security brokers (CASBs), identity and access management (IAM), data loss prevention (DLP), and encryption.

o Strong understanding of cloud service models (IaaS, PaaS, SaaS) and deployment models (public, private, hybrid).

o Excellent communication, collaboration, and leadership skills.

o Ability to translate complex technical concepts into clear and concise language for non-technical audiences.

o Strong problem-solving and analytical skills.

Additional Information:

· Travel: Occasional travel may be required.

· Citizenship: Must be a U.S. citizen.

· Security Clearance:?????

This job description is subject to change based on the specific needs of the federal agency.

#techjobs

EEO Statement

Active military service members, their spouses, and veteran candidates often embody the core competencies Maximus deems essential, and bring a resiliency and dependability that greatly enhances our workforce. We recognize your unique skills and experiences, and want to provide you with a career path that allows you to continue making a difference for our country. We’re proud of our connections to organizations dedicated to serving veterans and their families. If you are transitioning from military to civilian life, have prior service, are a retired veteran or a member of the National Guard or Reserves, or a spouse of an active military service member, we have challenging and rewarding career opportunities available for you. A committed and diverse workforce is our most important resource. Maximus is an Affirmative Action/Equal Opportunity Employer. Maximus provides equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status or disabled status.

Pay Transparency

Maximus compensation is based on various factors including but not limited to job location, a candidate's education, training, experience, expected quality and quantity of work, required travel (if any), external market and internal value analysis including seniority and merit systems, as well as internal pay alignment. Annual salary is just one component of Maximus's total compensation package. Other rewards may include short- and long-term incentives as well as program-specific awards. Additionally, Maximus provides a variety of benefits to employees, including health insurance coverage, life and disability insurance, a retirement savings plan, paid holidays and paid time off. Compensation ranges may differ based on contract value but will be commensurate with job duties and relevant work experience. An applicant's salary history will not be used in determining compensation. Maximus will comply with regulatory minimum wage rates and exempt salary thresholds in all instances.