Cyber Architect

• Must be a U.S Citizen- Must have an Active Secret Clearance (Green Cards / Visas do not qualify)
• Willingness to undergo a comprehensive background investigation and maintain a personal security clearance. (Aquila would sponsor you for the security clearance.)
• Must be within 100 miles of worksite (Lexington, MA)

• Lead and execute all phases of the RMF process (Categorization, Selection, Implementation, Assessment, Authorization, Monitoring) for CDS and Cloud systems, ensuring strict adherence to NIST SP 800-37, CNSSI 1253, ICD 503, and NSA RTB requirements.
• Provide guidance for required RMF documentation, to successfully assess and authorize cloud technologies and CDS.
• Conduct comprehensive security control assessments, vulnerability analyses, and risk assessments for CDS and cloud architectures.
• Cross Domain Solution (CDS) Expertise:
• Architect, design, and implement secure CDS solutions, ensuring compliance with NSA RTB requirements and best practices.
• Provide expert guidance on CDS accreditation processes, and data flow security.
• Evaluate and recommend CDS technologies and configurations to meet specific mission requirements while maintaining a high security posture.
• Cloud Security Architecture & Engineering:
• Design, implement, and secure cloud environments (e.g., AWS, Azure Government, DAF Cloud Works) in accordance with RMF, FedRAMP, DoD SRG, and NSA RTB guidelines.
• Develop secure cloud network architectures, identity and access management (IAM) strategies, data encryption solutions, and security monitoring within cloud platforms.
• Provide guidance on secure cloud migration strategies and container security.
• Policy & Procedure Development:
• Develop, write, and refine cybersecurity policies, standards, and procedures specifically tailored for CDS and cloud environments, ensuring alignment with NSA RTB and other relevant government regulations.
• Translate complex security requirements into actionable policy and guidance for technical teams.
• Implementation & Remediation:
• Oversee and actively participate in the implementation of security controls and countermeasures for CDS and cloud systems.
• Provide technical guidance and support to engineering teams to ensure secure system design and configuration.
• Track and manage POA&Ms, working with stakeholders to ensure timely implementation of CSD and cloud technologies.
• Training
• Design, develop, and deliver comprehensive training programs and materials on RMF, CDS security, cloud security best practices, and NSA RTB requirements.

• Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field.
• 8+ years of experience in cybersecurity, with at least 5 years directly focused on RMF implementation and accreditation.
• 3+ years exp designing, architecting, and implementing Cross Domain Solutions (CDS).
• 3+ years exp securing cloud environments (e.g., AWS GovCloud, Azure Government) at an enterprise level.
• Proven experience in writing and implementing cybersecurity policies and procedures specific to CDS and cloud.
• Experience in developing and delivering technical training programs.
• In-depth understanding of NIST SP 800-37, CNSSI 1253, NIST SP 800-145, DoD Cloud Computing SRG, ICD 503, DoDI 8540.01, and other relevant government cybersecurity frameworks.
• Hands-on experience with security tools for vulnerability scanning, penetration testing, and security monitoring in cloud environments.
• Excellent written and verbal communication skills, with the ability to articulate complex technical concepts to diverse audiences.

• CISSP (Certified Information Systems Security Professional)
• CCSP (Certified Cloud Security Professional)
• CASP+ (CompTIA Advanced Security Practitioner)
• AWS Certified Security – Specialty
• Azure Security Engineer Associate
• Relevant vendor-specific CDS certifications

• Degree Level: Bachelor's Degree
• 3 years - Cloud security best practices and tools.
• 3 years - Experience in managing cloud security, networking, and storage solutions
• 5 years - Security plans (i.e. RMF), procedures, and compliance with DoD directive 8140
• 5 years - Networks
• 5 years - Penetration testing
• 8 years - Security
• 8 years - Cyber Experience
• 2 years - Cyber Operational Readiness Assessment (CORA) process & maintaining an inspection ready environment
• 8 years - Cyber security operations systems best practices
• 3 years - Experience designing, architecting, and implementing Cross Domain Solutions (CDS)
• 6 years - Experience with vulnerability scanning and auditing tools and processes
• 5 years - NIST SP 800-37
• 5 years - Risk Management Framework (RMF)
• 5 years - Security controls and the RMF process
• 3 years - Systems
• 3 years - Classified Cloud
• 3 years - Cloud computing platforms (e.g., AWS, Azure, GCP)

• Certification: CCSP (Certified Cloud Security Professional)
• Certified Information Systems Security Professional (CISSP)
• Cloud certifications (e.g., AWS Certified Solutions Architect, Microsoft Azure Certification)
• Security+ CE, CASP, CISSP, or similar security certification

• PTO - 15 days (vacation/sick) 10 paid holidays - 6 standard (New Year’s, Memorial Day, Independence Day, Labor Day, Thanksgiving, and Christmas) - 4 floating holidays prorated based on your day of hire
• 1.5 paid days, or 12 hours, for approved volunteer work
• 1 week of paid maternity/paternity LOA after 1 year of Full-time employment
• Tuition & Training Reimbursement - 5K annually for pre-approved, job-related tuition, certification, or professional conferences
• 401K with Fidelity 100% immediate vesting; Plan eligibility begins 90 days following the date of hire. Aquila matches 50 cents on the dollar, up to 6%.
• Cell Phone & Internet Reimbursed up to $150 monthly to cover cell phone, data, and home internet expenses.
• Buy Your Own Device (BYOD) Allowance Reimbursed up to $1500 for the purchase of a qualified technology device. Eligible after 90 days of employment, and benefit renews every three years.

Aquila Technology