Lead technical design and implementation of the enclave, including multi‑cloud architecture, data components, virtual desktops, and core platform services for data access, linkage, and analytics.
Translate FISMA Moderate, FedRAMP Moderate, CMS ARS, NIST, and Zero Trust requirements into architectures, controls, and configurations.
Design and oversee IAM, RBAC, logging and monitoring, data ingestion, and HPC capabilities to support research workloads.
Drive Zero Trust implementation, including segmentation, continuous monitoring, least‑privilege enforcement, and integration with federated identity and authentication services.
Build, refine, and automate onboarding, workspace provisioning, and usage monitoring to support enclave operations, scalability, and cost optimization.
Design and manage the secure management and tracking of RWD going into and through the cloud for use by researchers.
Coordinate with program and technical leads to ensure secure, performant pipelines for ingest, masking, linkage, and research‑ready file creation within enclave workflows.
Lead enclave security and compliance lifecycle, including control implementation, evidence development, independent assessments, remediation, & continuous monitoring.
Provide technical direction and mentoring to enclave engineers, architects, security engineers, SREs, and operations staff.

Requirements

Bachelor’s degree in a relevant field; equivalent combination of education and experience may be considered.
Deep knowledge of federal IT and security frameworks including FISMA Moderate, FedRAMP Moderate, NIST SP 800‑53, NIST SP 800‑137, and CMS Acceptable Risk Safeguards, with familiarity with Zero Trust concepts.
Broad technical background across networks, operating systems, cloud services, security engineering, and data platforms.
At least 7 years of experience designing and implementing secure, large‑scale cloud or enclave environments for federal or highly regulated customers, including multi‑account and multi‑cloud architectures.
Proven experience as a technical lead for efforts of comparable size and complexity, including design authority and technical mentoring.
Hands‑on experience with at least one major cloud provider and working in or integrating with FedRAMP Moderate environments.
Strong understanding of IAM, RBAC, encryption at rest and in transit, centralized logging, security event monitoring, and continuous monitoring in support of ATO.
Experience supporting or leading ATO efforts for Moderate systems, including security documentation and collaboration with independent assessors.
Strong collaboration skills with cross‑functional technical and program teams, and excellent written and verbal communication for technical and executive audiences.
Ability to obtain and maintain a Public Trust or higher and authorization to work in the United States.
Willingness to travel 10–25% to support on‑site collaboration in the DC Metro area.

Benefits

Comprehensive benefits and wellness packages
401K with company match
Competitive pay and paid time off
Full-flex work week to own your priorities at work and at home
Award-winning culture of innovation and a military-friendly workplace

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

multi-cloud architecturedata componentsvirtual desktopsIAMRBACdata ingestionHPC capabilitiesZero Trust implementationencryption at restsecurity event monitoring

Soft Skills

technical directionmentoringcollaborationcommunication

Certifications

Bachelor’s degreePublic Trust