Cyber Security Architect in Arlington, Virginia at INflow

INflow Federal is seeking a Security Architect/Engineer to design, implement, and sustain secure enterprise architectures for a modernized Department of Defense (DoD) information system. The Security Architect will ensure systems meet stringent security, compliance, and operational standards through defense-in-depth engineering, Zero Trust implementation, and RMF control integration across IL environments. This position plays a key role in establishing secure architectures that protect sensitive mission data while enabling operational agility, interoperability, and compliance with DoD cybersecurity mandates. This is a fully remote position.

Here, your work is more than a job - it’s a journey in innovation. With opportunities to work on high-impact projects, access to the latest technologies, and a culture that thrives on creativity and collaboration, INflow Federal is where your expertise can truly make a difference.

• Lead the design and implementation of secure system architectures across multiple IL environments (IL2–IL5) in compliance with DoD and NIST standards
• Define and validate security requirements throughout the system lifecycle, including hardware, software, and cloud components
• Conduct risk assessments, security architecture reviews, and threat modeling to identify and mitigate vulnerabilities
• Develop and maintain architecture diagrams, data flow mappings, and control baselines for ATO documentation and continuous monitoring
• Implement Zero Trust principles including segmentation, strong identity management, encryption, and telemetry integration
• Support and maintain RMF accreditation artifacts (SSP, SAR, POA&M, etc.) and ensure traceability to implemented controls
• Integrate security automation and continuous compliance within DevSecOps pipelines using tools such as Tenable ACAS, AWS Inspector, and Twistlock
• Collaborate with network, platform, and application teams to align technical implementations with cybersecurity policy and architecture standards
• Define and enforce data protection and key management solutions (KMS, TDE, PKI) within AWS GovCloud and hybrid environments
• Support vulnerability management, remediation tracking, and penetration testing coordination
• Maintain awareness of evolving DoD cyber policies, cloud standards, and emerging security technologies to proactively improve posture
• Lead technical deep dives and architecture reviews for proposed changes to ensure secure system evolution
• Contribute to incident response readiness, ensuring forensic tools, audit logs, and alerting mechanisms are in place
• Provide guidance and mentorship to engineers and administrators on secure configuration management, encryption, and boundary protection

• Deep understanding of DoDI 8510.01 (RMF), NIST SP 800-53/171, and DISA STIG/SRG compliance frameworks
• Expertise in cloud security architecture and Zero Trust implementation
• Experience with encryption standards, data loss prevention (DLP), and secure identity management (SAML, OAuth, MFA)
• Proficiency with AWS GovCloud, container security, and Infrastructure as Code (IaC) security
• Familiarity with network security principles, firewall design, VPNs, and segmentation
• Knowledge of continuous monitoring tools such as Splunk, ELK Stack, CloudWatch, and GuardDuty
• Experience supporting ATO/renewal efforts, POA&M closure, and security audit responses
• Strong analytical, architectural, and documentation skills
• Ability to evaluate technical designs for compliance and security effectiveness
• Excellent communication skills for presenting complex topics to technical and non-technical audiences
• Strong collaboration across development, cybersecurity, and program management teams
• Commitment to proactive risk management and secure modernization
• Preferred certifications: CISSP, CISM, or CompTIA Advanced Security Practitioner (CASP+); AWS Certified Security – Specialty; CompTIA Security+ CE (DoD 8570 baseline); Certified Cloud Security Professional (CCSP)

• Bachelor’s degree in Cybersecurity, Computer Science, or a related technical field, or equivalent combination of education, technical training, or work/military experience
• Minimum 7 years of experience in cybersecurity engineering, architecture, or secure system design for federal or defense environments
• Experience developing and enforcing security architectures and control frameworks in AWS GovCloud IL4/IL5
• Proven experience integrating security into Agile or DevSecOps pipelines and performing RMF-compliant design reviews

• Active DoD Top Secret (SCI preferred)

• Some travel may be required: Must have valid driver’s license and transportation. This is subject to change at the direction of the customer.
• If accommodation is needed with your application or the interview process for applicants with disabilities, please contact Human Resources at 703-594-8601.
• Candidate must have the ability to lift up to 50 lbs.
• Must have willingness to perform duties not listed in the job description as required by INflow and our customer.