HUD - Security Architect

cFocus Software seeks a Security Architect to join our program supporting Housing and Urban Development (HUD). This position is remote. This position requires a Public Trust clearance.
Qualifications:

• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related field.
• 7+ years of experience in cybersecurity architecture, engineering, or enterprise security design.
• Strong experience with federal security frameworks (NIST, FISMA, FedRAMP, RMF).
• Experience designing cloud security architectures (AWS, Azure, or similar).

Duties:

• Design, develop, and maintain enterprise and cloud security architectures supporting SOC operations.
• Architect security solutions across cloud (AWS GovCloud), on-prem, and hybrid environments.
• Lead security architecture validation, ensuring alignment with NIST SP 800-53, NIST RMF, FISMA, OMB, and CISA directives.
• Conduct architecture reviews, system design assessments, and security engineering evaluations.
• Support Zero Trust architecture design, implementation, and maturity assessments.
• Define and implement security controls, segmentation strategies, and defense-in-depth architectures.
• Evaluate and integrate security technologies including SIEM, SOAR, EDR, IDS/IPS, DLP, IAM, and cloud-native security tools.
• Perform system fit/gap analysis of security architecture and recommend improvements or redesigns.
• Support secure configuration and deployment aligned with OEM best practices and federal standards.
• Architect solutions for continuous monitoring, threat detection, and automated response capabilities.
• Develop and maintain architecture documentation, diagrams, and technical standards.
• Collaborate with SOC, engineering, compliance, and infrastructure teams to ensure secure system integration.
• Support vulnerability management, threat modeling, and risk mitigation strategies.
• Ensure secure data architecture including encryption, data protection, and data loss prevention.
• Provide guidance on secure system lifecycle (design, development, deployment, operations).
• Evaluate emerging technologies and recommend enhancements to improve cybersecurity posture.

Originally posted on Himalayas