Search

296,034 Jobs

No logo available
Mechanical Solutions Inc.
locationO'Fallon, MO, USA
PublishedPublished: 7/14/2026
No logo available
Ndimensions IT
locationHartford, CT, USA
PublishedPublished: 7/14/2026
No logo available
Allied Universal
locationBlytheville, AR 72315, USA
PublishedPublished: 7/14/2026
No logo available
VAST Networks
locationFresno, CA, USA
PublishedPublished: 7/14/2026
No logo available
Lakeside Condominium Apartments of Deltona
locationDeltona, FL 32725, USA
PublishedPublished: 7/14/2026
No logo available
Avid Practice
locationBaltimore, MD, USA
PublishedPublished: 7/14/2026
No logo available
Allied Universal
locationEaston, PA, USA
PublishedPublished: 7/14/2026
No logo available
Innosoft Corporation
locationBethesda, MD, USA
PublishedPublished: 7/14/2026
No logo available
Three Forks Ranch
locationSavery, WY 82332, USA
PublishedPublished: 7/14/2026
No logo available
Avondale Health and Rehabilitation Center
locationHumboldt, TN 38343, USA
PublishedPublished: 7/14/2026

Security Architect - Zero Trust

Innosoft Corporation
locationBethesda, MD, USA
PublishedPublished: 6/14/2022
Real Estate
Full Time

Job Description

Job Description

Designation

Key Personnel

GSA MAS Labor Category

Security Architect

Level of Effort

1.0 FTE (1,880 hours per period), all five performance periods

Location / Hours

Remote-first; periodic on-site in Bethesda, MD; core hours 7:00 a.m.–6:00 p.m. ET M–F plus emergency after-hours

Clearance

Tier 2 Public Trust (MBI-5B) — must obtain and maintain


Key Personnel Conditions

Key Personnel designation under HHSAR 352.237-75 (RFQ Section G.3). A signed Letter of Commitment is required at quote submission (RFQ L.6.1, Factor 3, as amended). The incumbent may not be diverted or replaced without Contracting Officer written consent for the life of the task order (Base plus four option periods, through August 2031). U.S. work authorization and the ability to obtain and maintain a Tier 2 (Public Trust / MBI-5B) background investigation are required (RFQ H.11.11). Performance is remote-first with periodic on-site presence at NIH facilities in Bethesda, MD for meetings, exercises, and incident response (SOW Section 7). Core coverage hours are 7:00 a.m. to 6:00 p.m. ET, Monday through Friday, with emergency after-hours availability (RFQ F.5).

Role Summary

Technical authority for the NIH/OD-OIT security architecture and owner of the program's most visible engineering deliverables: the Baseline Zero Trust Security Architecture Reference Documents (due 90 days after award) and the Data Center Privileged Access Standard Operating Procedure (due 60 days after development of the Zero Trust privileged access architecture).

Leads the design, documentation, and implementation of Zero Trust security solutions across on-premises and cloud environments in accordance with OMB Memorandum M-22-09, and provides strategic thought leadership to the OD CISO on security engineering, emerging threats, and modernization.

Key Responsibilities

• Develop, document, and drive Government approval of Zero Trust reference architectures and security patterns for cloud and on-premises systems; define the maturity roadmap across the five Zero Trust pillars (identity, devices, networks, applications/workloads, data).

• Architect privileged access controls (PAM, formalized RDP/SSH access points) and author the Privileged Access SOP; align enforcement with Zero Trust policy goals.

• Provide senior engineering direction across the contractor-managed security stack — SIEM, EDR, next-generation firewall, WAF, DLP, PAM, IDS/IPS, and cloud security — including gap identification, tool optimization, and the System Administration and Engineering Gaps Remediation Reports.

• Support enhanced incident response capability design within Zero Trust architectures; advise Tier 2/3 forensics and SOC engineering on detection and containment patterns.

• Contribute architecture input to RMF authorization boundaries, FedRAMP package reviews, and C-SCRM third-party risk assessments; brief executives and produce decision-quality architecture artifacts.




RequirementsMinimum Qualifications

  • Bachelor’s degree in computer science Security, Information Technology, or a related field. Master's Degree in IT Security/ Zero Trust preferred.
  • 10+ years in security engineering or architecture for enterprise or federal environments, including 3+ years designing or implementing Zero Trust architectures referencing OMB M-22-09, NIST SP 800-207, and/or the CISA Zero Trust Maturity Model.
  • CISSP-ISSAP (or CISSP plus SABSA/TOGAF with documented Zero Trust delivery). – WE have room on this
  • Hands-on architectural command of at least four of: enterprise SIEM, EDR, NGFW, WAF, DLP, PAM, IDS/IPS, CASB/cloud security — in hybrid on-premises plus cloud) environments.
  • Demonstrated authorship of Government-approved architecture reference documents or SOPs — written deliverables are a core output of this position, not an afterthought.
  • Experience within FISMA Moderate environments; fluency in NIST SP 800-53 Rev. 5 control architecture implications.

Preferred Qualifications

• Zero Trust implementation at HHS/NIH or another federal health agency; familiarity with research-computing and PHI/PII data-protection contexts.

• Cloud security architecture certification (CCSP, or AWS/Azure security specialty).

• Experience designing SOAR/automation-enabled operations and AI-security overlays; NIST AI RMF 1.0 exposure supports SOW 5.10 requirements for AI/ML systems.



BenefitsStandard Employee Benefits.
50% Health Insurance Paid by Innosoft, Paid Vacation, 401K Match, STD LTD and AD&D paid by Innosoft.