Security Architect at Inflowfed

About INflow Federal - founded in 2013, INflow Federal is a mission-driven small business delivering cutting-edge solutions to the Department of War (DoW) and Joint Force operations across 20+ states. Our strength comes from our people - especially the Veterans who make up over 50% of our workforce. Through our Veteran Outreach Program and employee-first culture, we invest deeply in professional growth, well-being, and innovation. Known for our agility, transparency, and integrity, INflow combines real-world experience with emerging technologies like AI/ML to help our customers lead in a rapidly evolving defense landscape. We empower both our employees and mission partners to stay ahead - driving smarter, faster, and more secure outcomes. INflow Federal is seeking a Security Architect/Engineer to design, implement, and sustain secure enterprise architectures for a modernized Department of Defense (DoD) information system. The Security Architect will ensure systems meet stringent security, compliance, and operational standards through defense-in-depth engineering, Zero Trust implementation, and RMF control integration across IL environments. This position plays a key role in establishing secure architectures that protect sensitive mission data while enabling operational agility, interoperability, and compliance with DoD cybersecurity mandates. This is a fully remote position.  Here, your work is more than a job - it’s a journey in innovation. With opportunities to work on high-impact projects, access to the latest technologies, and a culture that thrives on creativity and collaboration, INflow Federal is where your expertise can truly make a difference. Specific Duties and Responsibilities: • Lead the design and implementation of secure system architectures across multiple IL environments (IL2–IL5) in compliance with DoD and NIST standards • Define and validate security requirements throughout the system lifecycle, including hardware, software, and cloud components • Conduct risk assessments, security architecture reviews, and threat modeling to identify and mitigate vulnerabilities • Develop and maintain architecture diagrams, data flow mappings, and control baselines for ATO documentation and continuous monitoring • Implement Zero Trust principles including segmentation, strong identity management, encryption, and telemetry integration • Support and maintain RMF accreditation artifacts (SSP, SAR, POA&M, etc.) and ensure traceability to implemented controls • Integrate security automation and continuous compliance within DevSecOps pipelines using tools such as Tenable ACAS, AWS Inspector, and Twistlock • Collaborate with network, platform, and application teams to align technical implementations with cybersecurity policy and architecture standards • Define and enforce data protection and key management solutions (KMS, TDE, PKI) within AWS GovCloud and hybrid environments • Support vulnerability management, remediation tracking, and penetration testing coordination • Maintain awareness of evolving DoD cyber policies, cloud standards, and emerging security technologies to proactively improve posture • Lead technical deep dives and architecture reviews for proposed changes to ensure secure system evolution • Contribute to incident response readiness, ensuring forensic tools, audit logs, and alerting mechanisms are in place • Provide guidance and mentorship to engineers and administrators on secure configuration management, encryption, and boundary protection Required Skills: • Deep understanding of DoDI 8510.01 (RMF), NIST SP 800-53/171, and DISA STIG/SRG compliance frameworks • Expertise in cloud security architecture and Zero Trust implementation • Experience with encryption standards, data loss prevention (DLP), and secure identity management (SAML, OAuth, MFA) • Proficiency with AWS GovCloud, container security, and Infrastructure as Code (IaC) security • Familiarity with network security principles, firewall design, VPNs, and segmentation • Knowledge of continuous monitoring tools such as Splunk, ELK Stack, CloudWatch, and GuardDuty • Experience supporting ATO/renewal efforts, POA&M closure, and security audit responses • Strong analytical, architectural, and documentation skills • Ability to evaluate technical designs for compliance and security effectiveness • Excellent communication skills for presenting complex topics to technical and non-technical audiences • Strong collaboration across development, cybersecurity, and program management teams • Commitment to proactive risk management and secure modernization • Preferred certifications: CISSP, CISM, or CompTIA Advanced Security Practitioner (CASP+); AWS Certified Security – Specialty; CompTIA Security+ CE (DoD 8570 baseline); Certified Cloud Security Professional (CCSP) Required Education and Experience: • Bachelor’s degree in Cybersecurity, Computer Science, or a related technical field, or equivalent combination of education, technical training, or work/military experience • Minimum 7 years of experience in cybersecurity engineering, architecture, or secure system design for federal or defense environments • Experience developing and enforcing security architectures and control frameworks in AWS GovCloud IL4/IL5 • Proven experience integrating security into Agile or DevSecOps pipelines and performing RMF-compliant design reviews Required Clearance • Active DoD Top Secret (SCI preferred) Other Notes Some travel may be required: Must have valid driver’s license and transportation. This is subject to change at the direction of the customer. If accommodation is needed with your application or the interview process for applicants with disabilities, please contact Human Resources at 703-594-8601. Candidate must have the ability to lift up to 50 lbs. Must have willingness to perform duties not listed in the job description as required by INflow and our customer. Citizenship Requirements * Please note that INflow Federal is a defense contractor. Pursuant to our government contracts, candidates must be US Citizens to be considered for employment. Equal Opportunity Employer  Diversity and Inclusion INflow provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.   This commitment applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, leaves of absence, compensation, and training. Job applicants and employees are evaluated solely on job-related qualifications and experience.