Security Architect Infrastructure Security Specialist Contingent

Public Trust Eligibility Required

This is a contingent position meaning employment is dependent upon the successful award of the associated contract toAretumand completion of any required background investigation or security clearance verification.

AboutAretum

Aretum is a mission-driven organization committed to delivering innovative technology-enabled solutions to our customers across defense civilian and homeland security sectors. Our teams work at the intersection of strategy technology and transformation helping agencies solve their most critical challenges. We believe in investing in our people and creating a culture where collaboration inclusion and professional growth are at the forefront.

Job Summary

The Security Architect / Infrastructure Security Specialist assesses enterprise IT environments and designs security architecture improvements for government systems. This role partners with infrastructure network and platform teams to evaluate current-state architecture identify vulnerabilities and security gaps and implement practical standards-aligned controls across identity network endpoints applications and data. The work is grounded in risk-based control implementation and ongoing protection of organizational operations and assets.

Due to the nature of our work as a federal consulting organization employees may be expected to handle Controlled Unclassified Information (CUI) and must adhere to applicable safeguarding and compliance requirements.

Responsibilities

• Assess enterprise IT environments (on-prem cloud and hybrid) to identify security risks architectural weaknesses misconfigurations and opportunities to improve defense-in-depth
• Design and document security architectures and reference patterns (network segmentation secure remote access privileged access boundary protections logging/monitoring and secure configuration baselines)
• Work with network/infrastructure teams on secure network design and validation including connectivity flows trust boundaries and segmentation approaches aligned to modern federal security architecture practices (e.g. zero trust concepts)
• Lead or support security testing activities for government systems (vulnerability scanning coordination configuration assessments and validation testing) and translate results into clear remediation actions
• Provide technical leadership and project management support for security improvement initiatives (planning task tracking coordinating dependencies and delivery of architecture artifacts)
• Ensure security designs and infrastructure changes align with applicable control requirements and are documented in an audit-ready manner consistent with federal control frameworks
• Create and maintain architecture diagrams security design documentation implementation guidance and standards for operational teams
• Brief technical and non-technical stakeholders on architecture risk tradeoffs and prioritized remediation recommendations

• Minimum 5 years of experience assessing enterprise IT environments (infrastructure networks platforms and/or security engineering in complex environments)
• Demonstrated experience in project management network design and testing the security of government systems to identify vulnerabilities
• Working knowledge of security controls and how they map to enterprise implementations (identity access control configuration management logging/monitoring boundary protections etc.)
• Hands-on familiarity with vulnerability management practices and assessment techniques used to identify deviations and weaknesses in systems/networks
• Strong technical writing skills and ability to produce clear architecture/security documentation and implementation guidance
• Experience implementing or maturing zero trust-aligned security architecture (identity-centric controls segmentation continuous verification)
• Experience applying systems security engineering concepts to ensure security is designed into systems across the lifecycle (not bolted on)
• Experience in federal environments using NIST-aligned security/privacy control catalogs and baselines

Preferred Qualifications

• Bachelors degree in information systems Computer Science Engineering or related field
• Preferred Certifications:
• GIAC Web Application Penetration Tester (GWAPT)
• Certified Ethical Hacker (CEH)
• GIAC Systems and Network Auditor (GSNA)
• Certified Penetration Tester (CPT)
• Certified Expert Penetration Tester (CEPT)
• GIAC Certified Web Application Defender (GWEB)
• Offensive Security Certified Professional (OSCP)
• CREST Penetration Testing Certifications

Travel Requirements

This is a hybrid position with work performed both remotely and at designated client or corporate locations as requirements may vary depending on project assignments client meetings or internal collaboration and will be communicated in advance whenever possible.

EEO Statement

Aretumis committed to fostering a workplace rooted in excellence integrity and equal opportunity for all. We adhere to merit-based hiring practices ensuring that all employment decisions are made based on qualifications skills and ability to perform the job without preference or consideration of factors unrelated to job performance.

As an Equal Opportunity EmployerAretumcomplies withall applicable federal state and local employment laws.

We are proud to support our nations veterans and military familiesprovidingcareer opportunities that honor their service and experience.

If you require reasonable accommodation during the hiring process due to a disability please contactforassistance.

Equal Opportunity Employer/Veterans/Disabled

U.S. Work Authorization

Due to federal contract requirements only U.S. citizens are eligible for this position. This position supports a federal government contract and requires the ability to obtain andmaintaina Public Trust or Suitability Determination depending on the agencys background investigation requirements.

• Health Care Plan (Medical Dental & Vision)
• Retirement Plan (401k)
• Life Insurance (Basic Voluntary & AD&D)
• Paid Time Off
• Family Leave (Maternity Paternity)
• Short Term & Long-Term Disability
• Training & Development

Required Experience:

IC