Security Architect Consultant

About Our Company:

Delmock Technologies, Inc. (DTI), is a leading HUBZone business in Baltimore, known for delivering sophisticated IT (Information Technology) and Health solutions with a commitment to ethics, expertise, and superior service. Actively engaged in the local community, DTI creates opportunities for talented residents while maintaining a stellar reputation as an award-winning contractor, earning accolades like the Government Choice Award for IRS (Internal Revenue Service) Systems Modernizations.

Location:

This position is remote.

Clearance:

ACTIVE IRS MBI OR PUBLIC TRUST CLEARANCE IS REQUIRED TO BE CONSIDERED FOR THIS POSITION.

Position Overview:

We are seeking a seasoned Lead Security Architect to guide the evolution of the IRS's Modernized e-File (MeF) platform. In this strategic role, you will ensure that security practices are robustly implemented, fully aligned with the IRS's future state architecture. As the primary point of contact for all security-related decisions, you will lead efforts to proactively remediate vulnerabilities, architect secure solutions for the migration to the cloud and containers and drive the adoption of advanced DevSecOps practices. This is a high-impact opportunity to influence the direction of the IRS’s critical e-filing system while ensuring its security, compliance, and resilience.

Primary Responsibilities:

• Lead the development and extension of security solution architectures for the MeF platform, ensuring solutions are scalable, secure, and aligned with the IRS's future state architecture.
• Work closely with cross-functional teams to ensure security is embedded throughout the software development lifecycle.
• Provide architectural solutions and security recommendations for migrating MeF applications to containerized environments and the cloud (AWS GovCloud).
• Collaborate with internal and external stakeholders to ensure that security requirements are met in the cloud and container-based environments.
• Lead the coordination and remediation of security vulnerabilities, leveraging security scanning tools and proactive security practices.
• Respond to customer requests for security assessments, ensuring timely and accurate delivery of remediation plans.
• Provide security recommendations and guidance related to the IRS Portal, which hosts multiple MeF applications.
• Collaborate with other teams to enhance the security posture of the Portal, ensuring it meets federal security standards.
• Create and maintain security-related contractual deliverables in accordance with IRS templates and compliance requirements.
• Collaborate with legal and contracting teams to ensure security deliverables are accurately represented and delivered.
• Estimate and provide Level of Effort (LoE) for Impact Assessments and Vulnerability Remediation Operations (VROM) based on new work requests.
• Provide strategic recommendations and guidance to improve MeF’s DevSecOps maturity, ensuring security automation and continuous monitoring practices are integrated into the development pipeline.

Required Qualifications:

Experience:

• 8+ years in designing, developing, and implementing security architectures for large, complex programs, with a focus on cloud and container environments.
• 8+ years of leadership experience managing teams of security architects, developers, or engineers.
• 5+ years of experience with developing security architectures for applications hosted in cloud environments (AWS, especially AWS GovCloud).
• 5+ years of experience with security in containerized environments (Docker, Kubernetes, etc.).
• 4+ years of experience with microservices security and securing Spring Boot applications.
• 4+ years of experience with DevSecOps practices, including CI/CD pipeline security integration.

Technical Skills:

• In-depth experience with security tools, platforms, and technologies such as AWS GovCloud, Linux platforms, CI/CD tools (IBM Engineering Workflow Management, Git SCM), and vulnerability scanning tools.
• Experience with secure coding practices, application security testing, and risk management.
• Proficiency in developing security solutions that align with federal security standards and regulatory frameworks.

Certifications:

• CISSP (Certified Information Systems Security Professional) certification is required.

Preferred Qualifications:

• Experience with other cloud environments such as Azure Government or Google Cloud for Government.
• Familiarity with relational database technologies and security considerations for cloud-hosted databases.
• Experience with integration technologies like WebMethods, ESB, API Gateways, Event-Driven Architecture, and Kafka.
• Familiarity with Agile and Lean methodologies, particularly in a security context.
• Knowledge of CMMI Level 3 processes and how to implement them within the scope of security architecture.
• Experience with Ping Identity for identity and access management (IAM).
• Experience developing requirements and solutions for security monitoring, alerting, and logging.

Recently ranked as high as #3 among HUBZone Companies in a GOVWIN survey, DTI offers a dynamic environment for those passionate about impactful projects, community involvement, and contributing to top-ranking Federal and State Commissionaires project support teams.

At DTI, we balance continuous growth and innovation with a strong dedication to corporate social responsibility. Join our talented team and be part of a company that values both professional excellence and community impact. Explore the exciting career opportunities awaiting you at DTI!

DTI is committed to hiring and maintaining a diverse workforce. We are an equal opportunity employer making decisions without regard to race, color, religion, sex, national origin, age, veteran status, disability, or any other protected class.