DevSecOps Cybersecurity Architect bei International Logic Systems, Inc.
International Logic Systems, Inc. · Fairfax, Vereinigte Staaten Von Amerika · Hybrid
- Senior
- Optionales Büro in Fairfax
ILS Inc. is seeking an experienced Development Security and Operations (DevSecOps) Cybersecurity Architect to drive the secure design, development, and deployment of enterprise IT systems for a federal program. This role is critical in integrating security into every stage of the software development lifecycle (SDLC) and DevOps pipeline, ensuring compliance with federal cybersecurity requirements (NIST 800-53, FedRAMP). This position requires on-site presence two days per week at our Fairfax, VA headquarters.
MUST BE LOCAL TO DC METRO AREA (hybrid support - 2 days in ILS HQ office, located in Fairfax, VA 22033).
Must be able to be W2 employee; no C2C.
Responsibilities:- Develop a comprehensive roadmap and implementation plan for achieving Continuous Authorization to Operate (cATO), including integration with DevSecOps pipelines and compliance processes.
- Architect and develop secure DevSecOps practices, embedding security into CI/CD pipelines and development workflows.
- Design and maintain cybersecurity architecture strategies aligned with federal and program security objectives.
- Collaborate with development, operations, and security teams to design automation-driven security controls across application and infrastructure layers.
- Evaluate, recommend, and implement tools that enhance the organization’s security posture
- Serve as the primary security point of contact for assigned federal information systems throughout the DevSecOps Life Cycle.
- Ensure compliance with NIST 800-53, FedRAMP, and agency-specific cybersecurity frameworks.
- Implement tools and processes for supply chain management such as SBOM management, container security and scanning.
- Coordinate with system owners, engineers, developers, and external stakeholders to implement security controls and remediation strategies.
- Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related field.
- 5+ years of cybersecurity or information security experience, with hands-on experience in secure software development or DevSecOps.
- Strong knowledge of NIST SP 800-53, FedRAMP, and RMF processes.
- Experience with containerization and cloud-native security (Docker, Kubernetes/EKS, ECS/Fargate).
- Familiarity with security automation and scanning tools (e.g., Snyk, Twistlock, SonarQube, Nessus, Qualys).
- Experience preparing and maintaining ATO packages and supporting Continuous Monitoring (ConMon).
- Excellent technical documentation, communication, and leadership skills
Preferred Skills
- Professional certifications such as CISSP, CISM, CAP, or Security+.
- Experience using eMASS, CSAM, or other compliance management platforms.
- Understanding of cloud security controls in AWS, Azure, or GCP environments.
- Strong background in supply chain security, SBOM management, and zero-trust architecture.
- Experience supporting federal applications and mission-critical environments.