Cybersecurity and Compliance Architect

Empower AI is AI for government. Empower AI gives federal agency leaders the tools to elevate the potential of their workforce with a direct path for meaningful transformation. Headquartered in Reston, Va., Empower AI leverages three decades of experience solving complex challenges in Health, Defense, and Civilian missions. Our proven Empower AI Platform® provides a practical, sustainable path for clients to achieve transformation that is true to who they are, what they do, how they work, with the resources they have. The result is a government workforce that is exponentially more creative and productive. For more information, visit www.Empower.ai.

Empower AI is proud to be recognized as a 2024 Military Friendly Employer by Viqtory, the publisher of G.I. Jobs. This designation reflects the company’s commitment to hiring and supporting active-duty and veteran employees.

The Cybersecurity and Compliance Architect holds a critical position, ensuring that our corporate information systems not only comply with but also excel beyond the standards set by CMMI, ISO 9001, ISO 20000, and ISO 27001. This role demands a sophisticated blend of compliance oversight coupled with a robust technical skill set in planning, prototyping, engineering, implementing, operating, and monitoring complex information systems. The architect will ensure systems' security, enhance operational efficiency, and guarantee adherence to necessary regulatory compliance standards, with a particular emphasis on leveraging Microsoft Azure security solutions.

Responsibilities:

• Comprehensive Standards and Compliance Leadership: Gain and maintain deep knowledge of CMMI, ISO 9001, ISO 20000, and ISO 27001 standards. Spearhead compliance projects to certify that all corporate information systems meet and exceed these benchmarks.
• Expert System Architecture and Engineering: Perform detailed hands-on work related to designing, prototyping, and engineering of cybersecurity solutions, with a special focus on configuring and operating Microsoft Azure Security. Evaluate and enhance existing systems for better efficiency and compliance, and design new cybersecurity architectures to fulfill evolving requirements.
• Operational Excellence and Security Management: Oversee the daily operations of cybersecurity systems (i.e. SOAR, DLP, Security Center, Vulnerability Scanners, Email Security Gateways, etc.), prioritizing stability, performance, and security. Implement continuous monitoring strategies to detect and actively remediate vulnerabilities to meet SLA requirements, with an emphasis on utilizing Microsoft Azure's security capabilities to safeguard information integrity and reliability.
• Strategic Stakeholder Engagement: Collaborate with internal stakeholders, including IT departments, operational leaders, and senior management, to ensure that cybersecurity practices are seamlessly integrated with organizational strategic goals and compliance demands.
• Audit, Reporting, and Progressive Improvement: Conduct comprehensive audits of information systems to assess compliance with required standards and identify improvement opportunities. Generate detailed reports on audit outcomes, system performance, and compliance status. Lead efforts to mitigate gaps and enhance system capabilities, with an emphasis on continuous improvement.
• Knowledge Sharing and Mentorship: Offer expert advice and training to team members and stakeholders on compliance standards, best practices in system security, and technical procedures, particularly those related to Microsoft Azure security solutions. Ensure all team members possess the necessary knowledge and skills to support compliance and security efforts effectively.

Qualifications:

• Advanced Cybersecurity Certification (e.g. CISSP, CISM, or equivalent) is required.
• Training and/or certifications in CMMI, ISO 9001, ISO 20000, and/or ISO 27001 are required.
• Cloud-focused certification or proven expertise in Microsoft Azure security solutions are highly desired.
• Bachelor's degree in Information Technology, Computer Science, Cybersecurity, or related field, with a Master's degree preferred. In lieu of a degree, equivalent years of experience in information technology, system architecture, or cybersecurity, with specific experience in Microsoft Azure security solutions, will be considered.
• Advanced Cybersecurity Certification (e.g. CISSP, CISM, or equivalent) is required.
• Training and/or certifications in CMMI, ISO 9001, ISO 20000, and/or ISO 27001 are required.
• Cloud-focused certification or proven expertise in Microsoft Azure security solutions are highly desired.

 Requirements:

• Bachelor's degree in Information Technology, Computer Science, Cybersecurity, or related field, with a Master's degree preferred. In lieu of a degree, equivalent years of experience in information technology, system architecture, or cybersecurity, with specific experience in Microsoft Azure security solutions, will be considered.
• 10+ years experience in information systems and cybersecurity architecture, including with Microsoft Azure security solutions.
• Demonstrated ability to achieve compliance with CMMI, ISO 9001, ISO 20000, and ISO 27001 standards. With proven ability to generate compliance and cybersecurity documentation (i.e. Policies, Procedures, and Plans).
• Strong background in system planning, engineering, and operational management.
• Outstanding project management and organizational skills.
• Effective communication abilities for conveying complex technical and compliance issues to diverse audiences. With proven ability in briefing executive management.

Disqualifiers

• Lack of technical expertise in system architecture, engineering, or information security, especially with Microsoft Azure security solutions.
• Non-possession of advanced cybersecurity certifications.
• Absence of relevant educational background in Information Technology or Cybersecurity.
• Insufficient experience with compliance management related to the specified standards and technologies.

Physical Requirements

• Communicate verbally and respond to verbal communications in person and over the phone.
• Communicate clearly and succinctly in writing, primarily utilizing a keyboard. 
• Engage in intermittent physical activity, including bending, reaching, lifting, filing, and prolonged periods of sitting.

It is the policy of Empower AI to provide equal opportunity in recruiting, hiring, training, and promoting individuals in all job categories without regard to race, color, religion, national origin, gender, age, disability, genetic information, veteran status, sexual orientation, gender identity, or any other protected class or category as may be defined by federal, state, or local laws or regulations. In addition, we affirm that all compensation, benefits, company-sponsored training, educational assistance, social, and recreational programs are administered without regard to race, color, religion, national origin, gender, age, disability, genetic information, veteran status, sexual orientation, or gender identity. It is our firm intent to support equal employment opportunity and affirmative action in keeping with applicable federal, state, and local laws and regulations. Empower AI is a VEVRAA Federal Contractor.