Senior Cybersecurity Architect

Thank you for considering IT Concepts dba Kentro, where innovation drives opportunity and collaboration leads to success. Our dynamic community of experts is fully committed to advancing our customers' missions, fostering professional growth, and making a positive impact on our communities.

Our transition to Kentro in 2025 reflects a rich legacy built upon the foundation of IT Concepts. Rather than leaving ITC behind, we confidently embrace a future centered around the Core of More . By joining our supportive community, you will find that Kentro is dedicated to your personal and professional development. Together, we can drive meaningful change, spark innovation, and achieve extraordinary milestones.

Kentro is hiring a highly skilled and forward-thinking Cybersecurity Architect to play a crucial role in a landmark Zero Trust (ZT) surge initiative for our esteemed client, U.S. Special Operations Command (USSOCOM). As a key member of our expert team, you will be responsible for designing, developing, and guiding the implementation of robust Zero Trust architectures. This position is integral to the initial planning and architectural definition phases of a multi-year ZT adoption, directly contributing to the security and resilience of critical SOF environments. You will translate strategic ZT objectives into tangible architectural blueprints, ensuring alignment with USSOCOM’s mission, DoD directives, and industry best practices. This role directly maps to the DoD 8140 Security Architect (Work Role ID: 652) Intermediate level, demanding deep technical expertise in cybersecurity, network architecture, and security engineering.

Responsibilities:

• Design and develop comprehensive Zero Trust architectures for USSOCOM's Greenfield (SOCRATES) and Brownfield (SOFNET-U/S) IT environments, ensuring alignment with the 7-week initial surge timeline for Iplan development and supporting long-term ZT objectives.
• Translate strategic ZT goals, DoD CIO ZT PfMO's 91 target activities (FY27) and 61 advanced activities (FY33), and operational requirements into detailed architectural blueprints, security controls, and technical specifications.
• Leverage outputs from ZT assessment tools (e.g., Leidos ZTRL) and frameworks (e.g., CACI ZT Playbook) to inform architectural decisions, identify gaps, and propose remediation strategies.
• Develop and document the protection needs (i.e., security controls) for information systems and networks, ensuring secure configuration management processes are employed.
• Design architectures and frameworks for systems and networks with multilevel security requirements, considering the processing of multiple data classification levels (e.g., Unclassified, Secret, Top Secret).
• Perform security reviews of existing and proposed architectures, identify gaps in security posture, and develop security risk management plans and mitigation strategies.
• Ensure that acquired or developed systems and architectures are consistent with USSOCOM’s cybersecurity architecture guidelines and ZT principles.
• Define and document how the implementation of new systems or interfaces impacts the security posture of the current environment.
• Collaborate closely with the Project Manager, Cyber Engineers, Systems Engineers, and Network Engineers to ensure architectural designs are feasible, implementable, and integrated effectively.
• Provide expert technical guidance and recommendations on ZT technologies, security tools, and architectural best practices.
• Document and address USSOCOM’s information security, cybersecurity architecture, and systems security engineering requirements throughout the acquisition and system development lifecycles.
• Develop system security context, preliminary system security CONOPS, and define baseline system security requirements in accordance with applicable cybersecurity mandates.
• Evaluate security architectures and designs to determine the adequacy of security design and architecture proposed or provided in response to requirements.
• Support the development of the Bill of Materials (BOM) by providing detailed specifications for architectural components.

Location: On-site in Tampa, FL (Supporting USSOCOM).

• Bachelor of Science (BS) degree in Information Technology, Cybersecurity, Computer Science, Engineering, or a related field.
• A minimum of ten (10+) years of progressive experience in cybersecurity, with a strong emphasis on security architecture, design, and engineering.
• Required Certifications:
• GIAC Defensible Security Architecture (GDSA) - Preferred
• CompTIA Advanced Security Practitioner (CASP+) OR Security+ CE (or higher CompTIA) OR Red Hat Certified Specialist in Security: Linux
• Other relevant high-level Cyber Architect certifications (e.g., CISSP-ISSAP, CCIE Security, CNDA) are highly valued.
• Expertise in designing and implementing Zero Trust Architectures (ZTA) within complex enterprise environments, preferably DoD.
• Deep understanding of cybersecurity principles (confidentiality, integrity, availability, authentication, non-repudiation) and organizational security requirements.
• Proven ability to design architectures and frameworks, applying network security architecture concepts including topology, protocols, components, and defense-in-depth principles.
• Skill in applying cybersecurity methods such as firewalls, demilitarized zones (DMZs), encryption, intrusion detection/prevention systems (IDPS), and security information and event management (SIEM).
• Comprehensive knowledge of computer networking concepts and protocols (TCP/IP, DNS, DHCP, etc.) and network security methodologies.
• In-depth knowledge of risk management processes (e.g., methods for assessing and mitigating risk, RMF), and skill in performing security reviews and identifying architectural gaps.
• Skill in determining how a security system should work (including resilience and dependability) and how changes in conditions, operations, or the environment will affect outcomes.
• Ability to translate operational requirements into protection needs (i.e., security controls) and integrate organizational goals into the architecture.
• Knowledge of cloud computing service models (SaaS, IaaS, PaaS), deployment models (private, public, hybrid), and associated security considerations.
• Familiarity with secure configuration management processes and systems security engineering.
• Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity.
• Understanding of cyber threats, vulnerabilities, and the operational impacts of cybersecurity lapses.
• Knowledge of authentication, authorization, and access control methods (e.g., PKI, MFA).
• Familiarity with encryption algorithms and cryptographic key management concepts.
• Ability to document and update all definition and architecture activities effectively.
• Strong analytical and problem-solving skills, with the ability to think strategically and develop innovative solutions.
• Excellent communication and interpersonal skills, with the ability to articulate complex architectural concepts to technical and non-technical stakeholders.
• Experience with USSOCOM, SOF environments, or other DoD agencies is a significant advantage.

Preferred:

• Experience supporting DoD or USSOCOM environments is highly preferred.
• Microsoft Certified: Security Operations Analyst Associate (SC-200)
• AWS Certified Security - Specialty

Clearance:

• Active Top Secret clearance with SCI is required.

The Company

We believe in generating success collaboratively, enabling long-term mission success, and building trust for the next challenge. With you as our partner, let’s solve challenges, think innovatively, and maximize impact. As a valued member of our team, you have the unique opportunity to work in a diverse range of technology and business career paths, all while supporting our nation and delivering innovative technology solutions. We are a close community of experts that pride ourselves on creating an environment defined by teamwork, dedication, and excellence.

We hold three ISO certifications (27001:2013, 20000-1:2011, 9001:2015) and two CMMI ML 3 ratings (DEV and SVC).

Industry Recognition

Growth | Inc 5000’s Fastest Growing Private Companies, DC Metro List Fastest Growing; Washington Business Journal: Fastest Growing Companies, Top Performing Small Technology Companies in Greater D.C.

Culture | Northern Virginia Technology Council Tech 100 Honoree; Virginia Best Place to Work; Washington Business Journal: Best Places to Work, Corporate Diversity Index Winner – Mid-Size Companies, Companies Owned by People of Color; Department of Labor’s HireVets for our work helping veterans transition; SECAF Award of Excellence finalist; Victory Military Friendly Brand; Virginia Values Veterans (V3); Cystic Fibrosis Foundation Corporate Breath Award

Benefits

We offer competitive benefits package including paid time off, healthcare benefits, supplemental benefits, 401k including an employer match, discount perks, rewards, and more. We invest in our employees – Every employee is eligible for education reimbursement for certifications, degrees, or professional development. Reimbursement amounts may fluctuate due to IRS limitations. We want you to grow as an expert and a leader and offer flexibility for you to take a course, complete a certification, or other professional growth and networking. We are committed to supporting your curiosity and sustaining a culture that prioritizes commitment to continuous professional development.

We work hard; we play hard. Kentro is committed to incorporating fun into every day. We dedicate funds for activities – virtual and in-person – e.g., we host happy hours, holiday events, fitness & wellness events, and annual celebrations. In alignment with our commitment to our communities, we also host and attend charity galas/events. We believe in appreciating your commitment and building a positive workspace for you to be creative, innovative, and happy.

Commitment Equal Opportunity Employment & VEVRAA

Kentro is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state or local law.

Kentro is strongly committed to compliance with VEVRAA and other applicable federal, state, and local laws governing equal employment opportunity. We have developed comprehensive policies and procedures to ensure our hiring practices align with these requirements.

As part of our VEVRAA compliance efforts, Kentro has established an equal opportunity plan outlining our commitment to recruiting, hiring, and advancing protected veterans. This plan is regularly reviewed and updated to ensure its effectiveness.

We encourage protected veterans to self-identify during the application process. This information is strictly confidential and will only be used for reporting and compliance purposes as required by law. Providing this information is voluntary and will not impact your employment eligibility.

Our commitment to equal employment opportunity extends beyond legal compliance. We are dedicated to fostering an inclusive workplace where all employees, including protected veterans, are treated with dignity, respect, and fairness.

How to Apply

To apply to Kentro Positions- Please click on the: “Apply for this Job” button at the bottom of this Job Description or the button at the top: “Application.” Please upload your resume and complete all the application steps. You must submit the application for Kentro to consider you for a position. If you need alternative application methods, please email [email protected] and request assistance.

Accommodations

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. Reasonable Accommodations may be made to enable qualified individuals with disabilities to perform the essential functions. If you need to discuss reasonable accommodations, please email [email protected] .