Senior Security Architect

About Aquia

Aquia is a Veteran-founded digital services firm that helps the government modernize and secure its systems and processes. Named the “#1 Best Remote Startup to Work For in 2025” by Built In and a certified “Great Place to Work” for five years in a row, we prioritize outcomes over outputs- supporting work that benefits millions of Americans.

The systems we modernize help Veterans access their earned benefits in days instead of weeks, enable investigators to double their health care fraud investigations, and help civil servants achieve system authorizations in roughly a quarter of the time. Our contributions earned us recognition as the Department of Health and Human Services (HHS) Service-Disabled Veteran-Owned Small Business of the Year in 2024.

We hire people who take ownership, raise the bar, and lift up those around them while they do it.

All applicants must have an active Top Secret clearance to be considered for this role. Please do not apply if you do not have active Top Secret clearance.

We are seeking a Senior Security Architect to lead the design and evolution of secure, scalable, multi-tenant system architectures in support of federal programs. This is a senior technical role requiring someone who can translate federal security frameworks and enterprise standards into architecture decisions that hold up in production at scale.

You will own security architecture across complex, multi-tenant cloud and enterprise environments, ensuring that system designs are not only compliant with federal requirements but engineered to be resilient, operable, and defensible. You bring hands-on experience administering enterprise systems alongside the architectural judgment to know what works when it actually meets production. An active Top Secret clearance is required from day one.

What You'll Do

• Lead the design of secure, scalable, multi-tenant architectures for federal cloud and enterprise programs, balancing security rigor with operational practicality
• Align system architecture with applicable federal security frameworks, enterprise standards, and agency-specific requirements, translating policy into implementable design
• Develop and maintain security architecture documentation including reference architectures, architecture decision records, system design diagrams, and technical roadmaps
• Perform architecture reviews and threat modeling for new and existing systems; identify design-level risks and drive mitigation before they reach production
• Serve as a technical authority on security architecture questions, providing guidance to engineering teams, ISSOs, program managers, and government stakeholders
• Evaluate emerging technologies and architectural patterns for security implications and fitness for federal environments
• Partner with cloud, DevSecOps, and platform engineering teams to ensure security architecture is implemented correctly and consistently across environments
• Support RMF and authorization activities by providing architectural context, design rationale, and evidence of security control implementation
• Establish and enforce architecture standards, patterns, and guardrails that scale across the enterprise

Required Qualifications

• Bachelor's degree in Computer Science, Information Systems, Cybersecurity, or a related field; equivalent combination of education and demonstrated experience considered
• 7+ years of hands-on experience administering enterprise-scale applications and systems; able to ground architectural decisions in operational reality
• 3+ years supporting production systems; understands the constraints, failure modes, and operational pressures that architecture must account for
• Active Top Secret (TS) clearance required- candidates without an active TS clearance will not be considered; sponsorship is not available for this role
• U.S. citizenship required, must be currently located in the United States.
• Demonstrated experience designing secure, scalable, multi-tenant systems in enterprise or federal cloud environments
• Ability to develop reference architectures, threat models, and architecture decision records that inform engineering teams and satisfy federal oversight requirements
• Experience aligning system architecture with NIST SP 800-53, NIST SP 800-37 (RMF), and other federal cybersecurity standards
• Familiarity with FedRAMP, DoD CC SRG, Zero Trust architecture principles, and/or agency-specific security overlays
• Experience designing systems that serve multiple tenants with distinct security, access, and compliance requirements while maintaining isolation and shared operational efficiency
• Ability to perform security design reviews, conduct threat modeling, and identify architectural risks with practical mitigation recommendations
• Ability to communicate complex architecture and security concepts clearly to technical teams, ISSOs/ISSMs, program leadership, and government stakeholders

Desired Qualifications

• Hands-on experience with AWS GovCloud and/or Azure Government, including security architecture for cloud-native and hybrid deployments
• Familiarity with DevSecOps patterns and integrating security architecture into CI/CD pipelines and IaC
• Experience supporting ATO and cATO programs as an architecture subject matter expert
• Familiarity with eMASS, security architecture tooling, and diagramming standards (e.g., SABSA, TOGAF, or equivalent)
• Relevant certifications: CISSP, AWS Security Specialty, CCSP, or equivalent

Remote - USA

$90,000—$125,000 USD

Benefits

• Premium health care plans (90% employer-paid)
• Employee stock plan
• 100% 401k match (up to IRS annual max)
• Generous PTO package
• Personal training and development budget

Stay in touch

Sign up for our newsletter to receive updates on cloud and cybersecurity in the public sector and what's new at Aquia.

Aquia Inc. is an equal opportunity employer. We do not discriminate against any employee or applicant for employment because of race, color, sex, age, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any federal, state, or local protected class.