Security Architect

Remote
Full Time
Department of Veterans Affairs (VA)
Experienced
 
​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​Remote
​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​Full Time
​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​Ability to obtain & maintain a Public Trust *

* US Citizenship and the ability to obtain and maintain the clearance level stated above are required for this specific opportunity. Tria Federal (Tria) is unable to sponsor at this time.

 
Who We Are:
Tria Federal (Tria) is the premier middle-market IT and Advisory services provider delivering digital transformation solutions to Civilian, Defense, and Intelligence agencies across the federal sector. With a future-forward vision and a mission rooted in service, we bridge capability gaps to help government agencies work faster, grow smarter, and stay nimble in the face of change. Wherever our customers are in their modernization journey, we are the trusted navigator in the path to possible.
 
Follow us on LinkedIn#PoweringPossible
 
Who You Are:
You are a talented Security Architect with at least 4+ years of experience and a passion for thinking big, taking action, and delivering exceptional results. You are outcome-driven, quality-obsessed, and relentlessly focused on innovation as a value driver for world-class delivery, client satisfaction, and performance. You’re looking to grow as a professional in a team-oriented environment where you can put your fingerprint on mission-critical projects impacting the citizens we serve.
Military Veterans and individuals with disabilities are encouraged to apply! 
 
About This Role:

 
Tria Federal (Tria) is seeking a talented Security Architect to join our team. The Security Architect supports the implementation of Portfolio and Product Line Architecture across the Department of Veterans Affairs Office of Information & Technology (VA OIT) by gathering and analyzying security artifacts as part of an integrated Enterprise Architecture in accordance with the VA EA Architecture Development Methodology (ADM). The Security Architect analyzes models to determine gaps and areas of concern as well as design the target state for improving cyber security compliance and reduces risk profiles across the Enterprise. The Security Architect, in collaboration with VA business and OIT stakeholders, proposes solutions and create epics that improve security compliance and risk reduction in each product line. The EA/SA reviews and revises artifacts with Product Management and business partner participation using the VA Enterprise Architecture Management Suite (VEAMS).

This effort requires reviewing strategic plans and goals, conducting analysis, interviewing, and collaborating with VA stakeholders to fully understand the portfolios. The Security Architect highlights gaps and areas of concern as well as opportunities for efficiencies using approaches such as agile, CI/CD, and DevSecOps

Responsibilities: 
 
  • General understanding of cybersecurity principles, best practices, and industry standards, including confidentiality, integrity, and availability (CIA triad), as well as common attack vectors and threat actors.
  • Ability to understand and interpret comprehensive security architectures that address the organization's risk profile, compliance requirements, and business objectives.
  • Proficiency in secure network architectures, including firewalls, intrusion detection/prevention systems (IDS/IPS), VPNs, network segmentation, and secure remote access solutions.
  • Experience with securing cloud environments (e.g., AWS, Azure, Google Cloud) and services, including identity and access management (IAM), data encryption, network security groups, and cloud security posture management (CSPM) tools, and an understanding of shared responsibility between the cloud provider and the end user.
  • Knowledge of secure coding practices, web application firewalls (WAFs), secure software development life cycle (SDLC) methodologies, and vulnerability assessment tools to mitigate application-layer risks.
  • Expertise in Identity and Access Management (IAM) technologies and solutions, including single sign-on (SSO), multi-factor authentication (MFA), role-based access control (RBAC), and privileged access management (PAM).
  • Understanding of endpoint security controls, including antivirus/antimalware solutions, host intrusion detection/prevention systems (HIDS/HIPS), endpoint detection and response (EDR), and device encryption.
  • Familiarity with data encryption, tokenization, data loss prevention (DLP), and data classification techniques to protect sensitive data at rest, in transit, and during processing. This includes protection within cloud environments.
  • Knowledge of Security Operations Center (SOC) processes, incident response procedures, threat hunting techniques, and security information and event management (SIEM) platforms for proactive threat detection and response.
  • Ability to conduct risk assessments, threat modeling, and security risk analyses to identify, prioritize, and mitigate security risks effectively.
  • Ability to communicate security risks and recommendations to technical and non-technical stakeholders, as well as to document security architecture designs and requirements.
  • Basic project management skills to plan, coordinate, and execute security projects, including resource allocation, budgeting, and timeline management.

The “Need-to-Have” Skills & Qualifications:
  • Understanding of Compliance and Industry Regulations (e.g., GDPR, HIPAA, PCI DSS), compliance requirements, and security frameworks (e.g., NIST, ISO 27001) to ensure adherence to legal and regulatory standards. Prefer an understanding of NIST 800-53, NIST 800-37, and NIST 800-39.
  • Must have a good working knowledge of foundational cloud aspects and architectures
  • Must understand encryption types (symmetric / asymmetric) as well as encryption algorithms such as RSA and DSA.
  • Must have a strong communication skillset to be able to translate security points to government customers.
 
Professional Certifications:
CISSP (Certified Information Systems Security Professional)
Education:Bachelor’s Degree 
Clearance:Ability to obtain and maintain Public Trust
Years of Professional Experience:
4 years (at least 2 years of Cloud Experience) 
 
The “Nice-to-Have” Skills & Qualifications:
  • Prefer candidate to have strong knowledge and an understanding of security best practices with cloud architectures and the ability to use cloud-based tools to audit environments for compliance
  • Familiarity with API’s (Application Programming Interfaces) and API types
  • Desired understanding of DISA STIG (Security Technical Implementation Guide)
Professional Certifications:
AWS / Azure / Google Cloud (Foundational and security-based)


​​​​​​
Why Tria?
What defines the Tria brand is more than just our dedication to excellence in our craft; it’s our incredible team of dedicated, talented, and passionate people that make Tria so exceptional. As people powering possible, we are all partners in our team’s shared success.
As a company that cares about people, we seek to cultivate a culture in which all can thrive personally and professionally. We offer a top-tier benefits package to invest in your physical, mental, and financial health and wellness so that you can be your best self - at work and in life. At Tria, we are growth-minded, entrepreneurial in spirit, and committed to fostering a culture of inclusion and opportunity for all. Whatever your background, your role, your department, or stage in your professional journey, here you will have opportunities to learn new skills, seize new challenges, and advance your career as we grow.


Job Listing ID: job_20230417163945_WCQEPTCB0BDBNPCK



 

Equal Employment Opportunity (EEO):

Tria Federal (Tria) is a Federal Contractor and EEO, OFCCP, VEVRAA, and Affirmative Action Employer.

As an Equal Employment Opportunity provider, Tria follows the protection of federal, state, and local law: Qualified applicants will receive consideration for employment without regard to race, color, creed, religion, age, national origin, marital status, disability, veteran status, sexual orientation, gender identity or expression, marital status, or genetic information.

U.S. Citizenship is required for this specific opportunity as Tria is unable to sponsor at this time. All selected applicants will be subject to a Minimal Background Investigation (MBI) and a government security investigation (when applicable) depending on the specific program and position listed. This includes but is not limited to: meeting the eligibility requirements for access to classified information and the ability to obtain a government-granted security clearance. Individuals may also be subject to a background investigation including, but not limited to: criminal history, employment verification, education verification, drug testing, and creditworthiness.

Qualified individuals with a disability have the right to request a reasonable accommodation. If you are unable or limited in your ability to use or access the Tria careers website as a result of your disability, please request a reasonable accommodation by sending an e-mail to hrhelp@triafed.com or call (703) 229-5888. Include the nature of your request, along with your name and contact information.

Share

Apply for this position

Required*
We've received your resume. Click here to update it.
Attach resume as .pdf, .doc, .docx, .odt, .txt, or .rtf (limit 5MB) or Paste resume

Paste your resume here or Attach resume file

150
To comply with government Equal Employment Opportunity and/or Affirmative Action reporting regulations, we are requesting (but NOT requiring) that you enter this personal data. This information will not be used in connection with any employment decisions, and will be used solely as permitted by state and federal law. Your voluntary cooperation would be appreciated. Learn more.

Invitation for Job Applicants to Self-Identify as a U.S. Veteran
  • A “disabled veteran” is one of the following:
    • a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or
    • a person who was discharged or released from active duty because of a service-connected disability.
  • A “recently separated veteran” means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.
  • An “active duty wartime or campaign badge veteran” means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.
  • An “Armed forces service medal veteran” means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.
Veteran status



Voluntary Self-Identification of Disability
Voluntary Self-Identification of Disability Form CC-305
OMB Control Number 1250-0005
Expires 04/30/2026
Why are you being asked to complete this form?

We are a federal contractor or subcontractor. The law requires us to provide equal employment opportunity to qualified people with disabilities. We have a goal of having at least 7% of our workers as people with disabilities. The law says we must measure our progress towards this goal. To do this, we must ask applicants and employees if they have a disability or have ever had one. People can become disabled, so we need to ask this question at least every five years.

Completing this form is voluntary, and we hope that you will choose to do so. Your answer is confidential. No one who makes hiring decisions will see it. Your decision to complete the form and your answer will not harm you in any way. If you want to learn more about the law or this form, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.

How do you know if you have a disability?

A disability is a condition that substantially limits one or more of your “major life activities.” If you have or have ever had such a condition, you are a person with a disability. Disabilities include, but are not limited to:

  • Alcohol or other substance use disorder (not currently using drugs illegally)
  • Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, HIV/AIDS
  • Blind or low vision
  • Cancer (past or present)
  • Cardiovascular or heart disease
  • Celiac disease
  • Cerebral palsy
  • Deaf or serious difficulty hearing
  • Diabetes
  • Disfigurement, for example, disfigurement caused by burns, wounds, accidents, or congenital disorders
  • Epilepsy or other seizure disorder
  • Gastrointestinal disorders, for example, Crohn's Disease, irritable bowel syndrome
  • Intellectual or developmental disability
  • Mental health conditions, for example, depression, bipolar disorder, anxiety disorder, schizophrenia, PTSD
  • Missing limbs or partially missing limbs
  • Mobility impairment, benefiting from the use of a wheelchair, scooter, walker, leg brace(s) and/or other supports
  • Nervous system condition, for example, migraine headaches, Parkinson’s disease, multiple sclerosis (MS)
  • Neurodivergence, for example, attention-deficit/hyperactivity disorder (ADHD), autism spectrum disorder, dyslexia, dyspraxia, other learning disabilities
  • Partial or complete paralysis (any cause)
  • Pulmonary or respiratory conditions, for example, tuberculosis, asthma, emphysema
  • Short stature (dwarfism)
  • Traumatic brain injury
Please check one of the boxes below:

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.

You must enter your name and date
Human Check*