We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
I agree and accept cookies
Main menu
Post a Job
Request a Demo
Yes
No
Both
Advanced search
#alert
Back to search results / More jobs like this
Back to search results
New
LCG, Inc. jobs

Security Architect

LCG, Inc.
$100,000.00 - $200,000.00 / yr
vision insurance, retirement plan
United States, Maryland, Rockville
6000 Executive Blvd Ste 410 (Show on map)
Jan 19, 2026

Location: Rockville, MD

Work Type: Hybrid Work (Minimum 2 days onsite - may extend based on client meetings, delivery needs, and proposal support)

Job Title: Security Architect

Clearance: Public Trust

Job Summary: LCG is seeking a Security Architect provides enterprise cybersecurity architecture and engineering support to Client's Office of Management, Technology and Operations (OMTO), Division of Technology Management (DTM). This role is responsible for designing and improving security architecture across hybrid (cloud + on-premises) environments, ensuring alignment with HHS and federal cybersecurity mandates, and supporting modernization efforts that strengthen security posture, improve operational resilience, and enable compliant system delivery.

The Security Architect will lead technical planning for security control implementation, provide guidance to stakeholders across infrastructure and application teams, and contribute to remediation strategy, continuous monitoring alignment, and integration of security requirements into enterprise environments. The position supports Client's cybersecurity and risk-based program objectives including improving security infrastructure, integrating federal requirements into operational execution, and supporting continuous monitoring and automation activities.

Key Responsibilities

Security Architecture Design & Improvement



  • Design and recommend enterprise security architecture improvements for Client systems, focusing on strengthening security posture across network, infrastructure, cloud, and application layers.
  • Develop security architecture artifacts such as:


    • Target-state security architecture models
    • Security service integration patterns (identity, logging, scanning, endpoint security, WAF)
    • Security control inheritance mapping for enterprise services and shared platforms


  • Conduct architecture reviews to identify security gaps and opportunities for improved resiliency and compliance alignment.


Vulnerability Remediation Strategy Support



  • Support the development of vulnerability remediation strategies by analyzing scan results, security weaknesses, and systemic configuration issues impacting Client environments.
  • Recommend enterprise remediation approaches such as:


    • Standard security baselines (e.g., hardened images, secure configurations)
    • Compensating controls where patching is delayed or constrained
    • Repeatable remediation processes across system classes (servers, endpoints, cloud workloads)


  • Assist stakeholders in prioritizing remediation based on risk, mission impact, and federal compliance expectations.


Analyze HHS Design Requirements & Security Impacts



  • Analyze HHS and federal design requirements and evaluate impacts to Client's architecture, implementations, and operational processes.
  • Translate requirements into actionable security architecture guidance for:


    • Infrastructure engineering teams
    • Application owners and system developers
    • Governance/compliance stakeholders (FISMA, RMF, POA&M coordination)


  • Provide architectural interpretation and support for new security mandates and evolving federal expectations.


Define Security Deployment Approach (Enterprise Implementation Patterns)



  • Define secure deployment approaches for new and existing systems, ensuring security controls and tools are implemented consistently and efficiently.
  • Produce standardized design approaches for:


    • Secure logging and monitoring architectures (supporting SIEM/Splunk ingestion and monitoring coverage)
    • Vulnerability scanning integration and automated evidence generation
    • Identity and privileged access integration (IAM + PAM patterns)


  • Ensure solutions support both operational needs and compliance requirements.


Implementation Plans for New Controls, Capabilities, and Tools



  • Create implementation plans for deploying new security controls or tool capabilities, including:


    • Scope definition and technical prerequisites
    • Integration dependencies across teams and environments
    • Phased rollouts, validation checkpoints, and operational transition steps


  • Support adoption of security tools and security control implementation activities that improve Client's maturity and automated security posture.


Support Cloud + On-Prem Security Integrations



  • Architect integration of cloud and on-prem solutions to support secure hybrid operations aligned to Client's enterprise security framework.
  • Support integration activities involving:


    • Cloud security tooling integrations
    • Network security boundaries and monitoring pipelines
    • Web application protection patterns (e.g., WAF integrations)


  • Assist with secure architecture decisions for systems operating under federal compliance constraints.


Provide Technical Guidance to Stakeholders



  • Provide technical leadership and architecture guidance to cross-functional stakeholders including system owners, engineers, program teams, and compliance personnel.
  • Support design reviews, technical working sessions, and architecture decision-making, including:


    • Explaining security control requirements and implementation options
    • Advising on secure patterns for system modernization and new deployments
    • Collaborating on resolving engineering blockers impacting security posture



Support Modernization & Automation Initiatives



  • Support modernization initiatives that improve Client's cybersecurity capability through automation and improved security-by-design practices.
  • Contribute architecture guidance for initiatives such as:


    • Enhanced continuous monitoring approaches (NIST SP 800-137 aligned)
    • Integrating security requirements into DevSecOps/CI/CD delivery pipelines (as applicable to security automation goals)
    • Supporting implementation strategies for improved security metrics and reporting capabilities



Requirements:

Education: Bachelor's degree in one of the following or related technical discipline (Cybersecurity / Information Assurance /Information Systems / Information Technology / Computer Science / Engineering)

Certification: Preferred: CISSP (industry standard preferred credential for senior security architecture roles)

Experience:



  • Minimum: 5+ years of experience in enterprise security architecture and/or security engineering


  • Experience supporting federal cybersecurity programs and security governance objectives (FISMA/NIST-aligned)
  • Hands-on exposure to cloud security architecture and hybrid integration patterns
  • Experience designing security modernization approaches (automation, improved monitoring, scalable control deployment).
  • Strong background in security architecture and security engineering with demonstrated ability to design enterprise security solutions
  • Experience developing architecture recommendations that improve security posture across hybrid IT environments
  • Ability to evaluate and translate security requirements into actionable architecture decisions and implementation plans
  • Working knowledge of:


    • Vulnerability remediation strategy development and execution support
    • Continuous monitoring practices and operational security reporting
    • Security tool integrations and technical dependencies across organizations



Tools Set / Platforms

The Security Architect will work across architecture and compliance support tooling such as:



  • Security architecture tools (models, diagrams, and enterprise design artifacts)
  • GRC artifacts and governance documentation (e.g., control evidence, security posture analysis)
  • Cloud security tooling and hybrid security capabilities
  • Scanning tools outputs used to drive remediation and risk reduction efforts


Compensation and Benefits

The projected compensation range for this position is $100,000 to $200,000 per year, benchmarked in the Washington, D.C. metropolitan area. Salary at LCG is determined by various factors, including but not limited to role, location, education/training, skills, certifications, and experience.

LCG offers a competitive and comprehensive benefits package including medical, dental, and vision insurance, life and disability insurance, retirement plan contributions, paid leave, federal holidays, professional development opportunities, and lifestyle benefits.

Devoted to Fair and Inclusive Practices

All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law.

If you are interested in applying for employment with LCG and need special assistance or an accommodation to apply for a posted position, contact Human Resources at hr@lcginc.com.

Securing Your Data

Beware of fraudulent job offers using LCG's name. LCG will never request payment-related details or advance payment during the application process. Legitimate communication will only come from lcginc.com or system@hirebridgemail.com email addresses.



Applied = 0
MORE JOBS LIKE THIS

(web-df9ddb7dc-hhjqk)