Security Architect
Company: Techsur Solutions Llc
Location: Reston
Posted on: April 1, 2026
|
|
|
Job Description:
Job Title: Security Architect Location: Reston, VA – TechSur HQ
Office (3x/week) Salary: DOE full benefits Clearance: Active Public
Trust Company Overview TechSur Solutions is a digital services
company whose mission is to enable digital transformation for our
customers to improve quality and efficiency. Based in the DC
metropolitan area, TechSur specializes in advanced cloud services,
modernization for both IT structures and applications, leveraging
Agile development, and Data Analytics. Since we were formed in
August of 2016, we have supported multiple impactful and exciting
government programs. Job Description We are seeking skilled
Security Architect to support a civilian federal agency by
engineering, implementing, and operating enterprise and cloud
security controls. The role will leverage your skills in
identity-centric security, Zero Trust Architecture, and public
key–based authentication, while also supporting vulnerability
management, patching, incident response, and federal compliance
requirements. Key Responsibilities: Design and implement secure
architecture solutions across cloud, on Prem, and hybrid
environments. Develop security standards, policies, and technical
guidelines aligned with organizational and regulatory requirements.
Conduct architecture reviews, threat modeling, and risk assessments
for new and existing systems. Collaborate with engineering, DevOps,
and product teams to ensure security requirements are integrated
into system designs. Implement, and operate ICAM solutions,
including identity lifecycle management, authentication,
authorization, and access governance. Implement Zero Trust
Architecture in alignment with NIST SP 800-207, emphasizing
continuous verification, least privilege, and identity-based
access. Deploy and support SASE / SSE capabilities, including ZTNA,
Secure Web Gateway, CASB, and Firewall-as-a-Service. Support PIV
smart card and certificate-based authentication across users,
devices, applications, and cloud environments. Operate, and
maintain PKI and certificate management services, including
certificate issuance, renewal, revocation, and automation. Engineer
and secure cloud environments (AWS, Azure, or GCP), focusing on
identity, networking, logging, and secure configurations. Perform
vulnerability scanning, risk prioritization, and coordination of
remediation activities. Support patch management efforts by
validating system configurations and verifying remediation of
security findings. Monitor security and identity events using SIEM
and related tools; investigate and respond to security incidents.
Participate in incident response activities, including alert
triage, investigation, containment, eradication, and recovery.
Develop and maintain incident response playbooks, runbooks, and
post-incident documentation. Develop and maintain security
engineering documentation, standards, and operational runbooks.
Collaborate with IT, cloud, and application teams to integrate
security controls into system designs and CICD pipelines. Provide
compliance and audit support, including technical evidence for ATO,
continuous monitoring, and remediation activities. Required Skills
Strong knowledge of network security, application security, and
cloud security architecture. Hands-on experience with major cloud
platforms (AWS, Azure, or Google Cloud) and their native security
services. Expertise in security frameworks such as NIST, ISO 27001,
CIS Benchmarks, OWASP, and Zero Trust. Proficiency with identity
and access management (IAM), SSO, MFA, and federation technologies.
Solid understanding of encryption, PKI, firewalls, WAFs, SIEM, EDR,
and vulnerability management tools. Proven experience in
identifying and remediating vulnerabilities in both Linux and
Windows environments with a strong understanding of compliance
requirements. Proficiency in using security tools such as Nessus,
ORCA, AWS Security Hub, Azure Security Center, Google Cloud
Security Command Center, and other vulnerability scanning tools.
Familiarity with Red Hat Satellite server, WSUS, IBM BigFix or
other similar toolsets. Knowledge of scripting languages such as
Python, Bash, PowerShell, Ansible for automation of security
remediation tasks. Excellent problem-solving skills and the ability
to work under pressure in a fast-paced environment. Desired Skills
Experience with IAM / ICAM platforms, identity federation (SAML,
OAuth 2.0, OpenID Connect), and privileged access management.
Hands-on experience implementing Zero Trust and/or SASE/SSE
solutions. Strong knowledge of PIV/CAC, MFA, and certificate-based
authentication. Practical experience with PKI, X.509 certificates,
CRLs/OCSP, TLS, and key management. Experience securing cloud
environments and integrating identity-centric controls. Knowledge
of vulnerability management and patch management processes and
tools. Familiarity with NIST SP 800-53, 800-63, and 800-207, and
FISMA requirements. Ability to automate security and certificate
lifecycle tasks using scripting tools. Strong written and verbal
communication skills. Desire to work in a SAFe environment to
support efficient delivery Additional Requirements: Must be a US
citizen Must be able to obtain public trust prior to starting work.
Excellent interpersonal and communication skills, both written and
verbal. Commitment to following stringent security protocols.
Well-organized, with a high level of attention to detail and the
ability to prioritize tasks. Education Bachelor’s degree in
computer science, Information Technology.
Keywords: Techsur Solutions Llc, Reston , Security Architect, IT / Software / Systems , Reston, Virginia
