Work Location: Dulles, VA

Epic Systems is supporting a U.S. Government customer on a large mission critical development and sustainment program to design, build, deliver, and operate a network operations environment, including introducing new cyber capabilities to address emerging threats.


The Senior Cloud Security Architect must display superb understanding and be knowledgeable with a multitude of technologies to include AWS, SIEM, firewalls, web application firewalls, VPNs, DNS, Data Loss Prevention, IDS/IPS, and proxies, to name a few. Develops security systems for any manual or automated systems environments. Responsible for ensuring the logging of mission and organizational data against unauthorized disclosure, accidental or intentional loss of data, or unauthorized modification. The successful Senior Cloud Security Architect will be comfortable working with a variety of different tools and appliances, security problems, and troubleshooting various complex issues. 

The successful candidate applies current analytical and logical thinking to the design, architecture, development, evaluation, testing, and integration of computer systems, appliances, and networks involving the architecture and implementation of Cyber Security tools in a hybrid environment. Attention to detail, honesty, out of the box thinking with a problem-solving mindset, being able to work under pressure, and being able to deliver on tight delivery schedules are recommended soft skills. 

Required Skills: 
•  An active Secret security clearance is required with the eligibility to obtain a TS/SCI. TS/SCI is preferred. 

• This is a hybrid position 
• Must be able to obtain DHS suitability prior to starting employment 
• 8+ years of directly relevant experience. 
• Must have hands-on experience with AWS and Linux in a production environment. 
• Knowledge of Federated Identity, RBAC, authentication & authorization solution, etc. 
• Working Knowledge of secure-cloud configuration, (e.g., CloudTrail, AWS Config), cloud-security technologies (e.g., VPC, Security Groups) and Access Control (IAM). 
• Hands on experience with security, such as NGFW, WAF, SIEM, endpoint security. 
• Ability to work in a fast-paced agile environment 
• Experience and/or familiarity with the following network protection devices: Firewalls, intrusion detection and prevention systems (IDS/IPS), log analysis, malware analysis, network traffic flow and packet analysis 
• Manage technology roadmaps with each product and propose briefs and reports to elaborate on recommended actions based on best practices 
• Support system accreditation efforts (ATP, ATO) by generating Risk Management Framework (RMF) artifacts 

Desired Skills: 
• Familiarity with one or more of the following: RSA Security Analytics (NetWitness), Symantec Bluecoat, CyberArk, ForeScout CounterAct, McAfee ePO, CrowdStrike, FireEye, Cisco FirePower (SourceFire), RedSeal, SecureSphere Imperva, Tenable Nessus, Splunk, PKI, chain of trust, and certificates. 
• Understanding and application of DoDAF and Model Based System Engineering (MBSE) 

Required Education: 
• BS Computer Science, Computer Engineering, Computer Information Systems, OR Computer Systems Engineering. Two years of related work experience may be substituted for each year of degree level education.