Haystack
← Back to Jobs
Technology

4440 Cyber Security Architect with Security Clearance

Procession SystemsQuantico, VA🇺🇸United StatesPosted 13 Jul 2026

Quick Overview

Work Type
Hybrid
Level
Mid Senior

Job Description

OVERVIEW: We are seeking a highly skilled Cyber Security Architect/Engineer to provide technical expertise, guidance, documentation, and recommendations for the following: Systems, networks, and cloud environments (i.e., AWS, Azure, etc.); Developing technical solutions and new security tools to help mitigate vulnerabilities; Performing vulnerability management assessments, penetration testing, and risk analysis to identify and remediate weaknesses; Automation and scripting using languages like Python, Bash, or PowerShell to automate repetitive security related tasks and building custom tools; Compliance and hardening ensuring systems meet industry and government standards and implementing system hardening protocols (e.g., DISA- STIGs) and; Providing mentorship to junior engineers and collaboration across cross-functional teams to integrate security into the software development lifecycle. GENERAL DUTIES: * Develop technical solutions and new security tools to help mitigate security vulnerabilities and automating repeatable tasks * Design secure cloud infrastructure blueprints for AWS, Azure, etc. * Build automated security checks into deployment pipelines * Implement continuous security monitoring, logging, and alerting systems * Ensure cloud environments meet SOC2, ISO27001 and HIPPA standards * Assist security personnel in responding to incidents across a wide array of technologies, mitigating and containing impacts, coordinating remediation efforts, and documenting recommendations for improvement to include cloud specific security alerts and vulnerabilities * Define Identity and Access Management policies and encryption standards * Provide up-to-date reports on security incidents and task process * Maintain documentation to support security strategies for networks by outlining the requirements and benefits of specific security tools and/or solutions REQUIRED QUALIFICATIONS: * A bachelor's degree from an accredited college or university in Computer Science, Cyber Security, Engineering, Cybersecurity, or related field. * Industry-recognized security credentials such as CISSP, CISM, Security+, CCSP, CSPM, and CNAPP, or similar certification. * AWS Certified Security - Specialty; Microsoft Certified: Azure Security Engineer Associate. * At least six (6) years of experience as a Cyber Security Architect/Engineer in a corporation, government, or commercial firm. * At least three years of experience securing enterprise cloud infrastructure (e.g., AWS, Azure, etc.) * Proficient with Infrastructure as Code security tools (Terraform, CloudFormation). * Ability to engineer and deploy security toolsets to include SIEM (Splunk), EDR (CarbonBlack), Vulnerability scanners (Nessus, Qualys) and analytics solutions (Elastic Stack (Elasticsearch, Logstash, Kibana - ELK), or similar). * Experience scripting with Python, Bash, or PowerShell for security automation. * Deep knowledge of networking protocols (TCP/IP, DNS, HTTP/HTTPS) and firewalls. * Proficiency in securing both Linux and Windows environments. * Experience with container security (Docker, Kubernetes) and cloud-native security tools. * Experience conducting security assessments, penetration testing and/or ethical hacking, and identifying and mitigating vulnerabilities. * Excellent analysis and critical thinking skills. * Exceptional leadership and organizational skills. * Experience working with technical teams in customer environments * Excellent oral and written communication skills. DESIRED QUALIFICATIONS: * Architect and operate a hybrid SIEM stack spanning Microsoft Sentinel and Splunk Enterprise across on-prem, Azure, AWS; design ingestion pipelines (DCR/AMA, Splunk UF/HF/HEC), normalization with ASIM/CIM, and cross-workspace/cross-tenant event sharing. * Lead security architecture reviews and reference designs aligned to Zero Trust, NIST 800-53/207, CNSSI 1253; deliver threat models, contr ol mappings, and security data flow diagrams for collection networks. * Build and maintain detections-as-code: author and version KQL/SPL analytics, watchlists, and entity behavior rules with MITRE ATT&&CK coverage. * Administer a proactive threat-hunting program using KQL/SPL, Jupyter notebooks (MSTICPy), Sigma conversion, and purple-team ATT&&CK emulations; convert hunt findings into resilient analytics and anomaly baselines. * Optimize telemetry governance and cost: table/namespace policies, retention tiers/archival, Splunk license and index strategy, Sentinel ingestion caps and data filters in addition to egress contr ols for sensitive / classified data. * Establish incident response operations and service level objectives: unify case management (Sentinel Incidents, Splunk ES Notables), evidence handling, post-incident reviews, and executive dashboards/metrics for readiness and dwell time. * Provide tiered platform support and enablement: backlog grooming, rule/playbook quality assurance, change contr ol, analyst/admin training, and Authority-to-Operate/Risk Management Framework continuous monitoring package updates as required. CLEARANCE: * Active Top Secret minimum clearance

Skills

Docker
AWS
ELK
Encryption
Logstash
Splunk
TCP/IP
Azure
Bash
CloudFormation
DNS
HTTP
HTTPS
Jupyter
Kibana
Kubernetes
Penetration Testing
PowerShell
Python
Terraform
Zero Trust

Similar jobs