Sr. Cybersecurity Architect
RELI Group, Inc. · Baltimore, MD · 3 wk ago
Engineering$140k–$160k/yrFull-time
About the role
The Senior Cybersecurity Architect serves as a senior technical advisor responsible for advancing enterprise security and privacy initiatives across emerging technologies, Cyber Risk Management, Zero Trust architecture, and cybersecurity readiness. This role evaluates and integrates innovative security capabilities, conducts threat-informed risk analysis, and strengthens overall security posture through architecture review, attack surface management, and data-driven decision-making.
Key Responsibilities
- Serve as a senior technical advisor supporting security and privacy initiatives across emerging technology, cyber risk management, Zero Trust, and cybersecurity readiness efforts
- Research, evaluate, and provide strategic recommendations on emerging technologies (e.g., AI/ML, advanced encryption, cloud-native security, automation) to improve the security and privacy posture of the Marketplace
- Assess potential risks, operational impacts, and innovation opportunities associated with new technologies, ensuring alignment with enterprise strategy and mission objectives
- Support Proofs of Concept (PoC) initiatives by incorporating threat intelligence and attack surface analysis, conducting risk assessments (threat, vulnerability, impact), and advising on integration with existing security capabilities
- Examine business, mission, and user practices that contribute to attack surface exposure and recommend holistic risk reduction strategies beyond technical tooling
- Analyze threat trends targeting the enterprise, contextualizing risks within business operations and mission impact
- Evaluate cybersecurity posture using enterprise data sources to identify trends in vulnerabilities, unsupported technologies, findings management, and attack surface risks
- Compare current cybersecurity capabilities against industry best practices and recommend improvements to strengthen overall risk posture
- Develop and execute SQL queries against enterprise cybersecurity data sources to extract, analyze, and validate risk data (e.g., vulnerabilities, unsupported software, findings management metrics), ensuring data-driven decision-making and accurate reporting
- Manage and support ongoing cyber operational activities, including attack surface analysis, cyber risk management processes, and coordination implementing new or enhanced capabilities
- Provide Zero Trust subject matter expertise aligned with enterprise strategy and the CISA Zero Trust Maturity Model, supporting maturation across identity, device, network, application, and data security domains
- Assess system architectures for risk and recommend integration of innovative security approaches throughout the system development lifecycle
- Collaborate with internal teams and stakeholders to advance Zero Trust implementation and ensure continuous monitoring aligns with organizational risk requirements
- Support cybersecurity readiness activities during high-risk operational periods, including tabletop exercise development, threat actor analysis, and stakeholder coordination
- Facilitate cross-organizational security forums and stakeholder engagements to enhance visibility, collaboration, and proactive risk mitigation across the Marketplace environment
Qualifications
- Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, or a related field required; Master’s degree preferred
- Minimum of 7 years of progressive experience in cybersecurity engineering, security architecture, or cyber risk management
- At least 5 years of experience supporting federal security programs; CMS or HHS experience strongly preferred
- Demonstrated expertise in Zero Trust Architecture, including familiarity with the CISA Zero Trust Maturity Model and federal implementation strategies
- Strong experience in attack surface management, threat intelligence integration, and risk-informed security decision-making
- In-depth knowledge of Cyber Risk Management frameworks, including NIST RMF and NIST Cybersecurity Framework (CSF)
- Proven experience conducting threat, vulnerability, and impact assessments and translating findings into actionable enterprise-level recommendations
- Demonstrated experience performing security architecture reviews and supporting system integration efforts
- Proficiency in SQL for developing and executing complex queries against enterprise cybersecurity data sources to extract, analyze, and validate risk and operational metrics
- Working knowledge of scripting or programming languages (e.g., Python, PowerShell, Bash, or similar) to support data analysis, automation, and security process improvement initiatives
- Strong analytical, documentation, and executive-level reporting skills, with the ability to communicate complex technical risks to non-technical stakeholders
- Experience leveraging federal cybersecurity data platforms and reporting tools (e.g., Tableau, SDL) preferred
- Able to manage multiple operational workstreams and strategic initiatives concurrently in a dynamic federal environment
- One or more of the following relevant industry certifications required, such as CISSP, CISM, CCSP, AWS or Azure Security Specialty, or equivalent cloud and security architecture certifications