Tria Federal (Tria)
Security Architect
Tria Federal (Tria), Washington, District of Columbia, us, 20022
Who We Are:
Tria Federal (Tria) is the premier middle-market IT and Advisory services provider delivering digital transformation solutions to Civilian, Defense, and Intelligence agencies across the federal sector. With a future-forward vision and a mission rooted in service, we bridge capability gaps to help government agencies work faster, grow smarter, and stay nimble in the face of change.
Who You Are: You are a talented Security Architect with at least 4+ years of experience and a passion for thinking big, taking action, and delivering exceptional results. You are outcome-driven, quality-obsessed, and relentlessly focused on innovation as a value driver for world-class delivery, client satisfaction, and performance. You’re looking to grow as a professional in a team-oriented environment where you can put your fingerprint on mission-critical projects impacting the citizens we serve.
About This Role: Tria Federal (Tria) is seeking a talented Security Architect to join our team. The Security Architect supports the implementation of Portfolio and Product Line Architecture across the Department of Veterans Affairs Office of Information & Technology (VA OIT) by gathering and analyzing security artifacts as part of an integrated Enterprise Architecture in accordance with the VA EA Architecture Development Methodology (ADM). The Security Architect analyzes models to determine gaps and areas of concern as well as design the target state for improving cybersecurity compliance and reducing risk profiles across the Enterprise. The Security Architect, in collaboration with VA business and OIT stakeholders, proposes solutions and creates epics that improve security compliance and risk reduction in each product line.
Responsibilities: General understanding of cybersecurity principles, best practices, and industry standards, including confidentiality, integrity, and availability (CIA triad), as well as common attack vectors and threat actors. Ability to understand and interpret comprehensive security architectures that address the organization's risk profile, compliance requirements, and business objectives. Proficiency in secure network architectures, including firewalls, intrusion detection/prevention systems (IDS/IPS), VPNs, network segmentation, and secure remote access solutions. Experience with securing cloud environments (e.g., AWS, Azure, Google Cloud) and services, including identity and access management (IAM), data encryption, network security groups, and cloud security posture management (CSPM) tools, and an understanding of shared responsibility between the cloud provider and the end user. Knowledge of secure coding practices, web application firewalls (WAFs), secure software development life cycle (SDLC) methodologies, and vulnerability assessment tools to mitigate application-layer risks. Expertise in Identity and Access Management (IAM) technologies and solutions, including single sign-on (SSO), multi-factor authentication (MFA), role-based access control (RBAC), and privileged access management (PAM). Understanding of endpoint security controls, including antivirus/antimalware solutions, host intrusion detection/prevention systems (HIDS/HIPS), endpoint detection and response (EDR), and device encryption. Familiarity with data encryption, tokenization, data loss prevention (DLP), and data classification techniques to protect sensitive data at rest, in transit, and during processing. Knowledge of Security Operations Center (SOC) processes, incident response procedures, threat hunting techniques, and security information and event management (SIEM) platforms for proactive threat detection and response. Ability to conduct risk assessments, threat modeling, and security risk analyses to identify, prioritize, and mitigate security risks effectively. Ability to communicate security risks and recommendations to technical and non-technical stakeholders, as well as to document security architecture designs and requirements. Basic project management skills to plan, coordinate, and execute security projects, including resource allocation, budgeting, and timeline management.
The “Need-to-Have” Skills & Qualifications: Understanding of Compliance and Industry Regulations (e.g., GDPR, HIPAA, PCI DSS), compliance requirements, and security frameworks (e.g., NIST, ISO 27001) to ensure adherence to legal and regulatory standards. Must have a good working knowledge of foundational cloud aspects and architectures. Must understand encryption types (symmetric / asymmetric) as well as encryption algorithms such as RSA and DSA. Must have a strong communication skillset to be able to translate security points to government customers.
Professional Certifications: CISSP (Certified Information Systems Security Professional)
Education: Bachelor’s Degree
Clearance: Ability to obtain and maintain Public Trust
Years of Professional Experience: 4 years (at least 2 years of Cloud Experience)
The “Nice-to-Have” Skills & Qualifications: Prefer candidate to have strong knowledge and an understanding of security best practices with cloud architectures and the ability to use cloud-based tools to audit environments for compliance. Familiarity with API’s (Application Programming Interfaces) and API types. Desired understanding of DISA STIG (Security Technical Implementation Guide).
Professional Certifications: AWS / Azure / Google Cloud (Foundational and security-based)
Why Tria? What defines the Tria brand is more than just our dedication to excellence in our craft; it’s our incredible team of dedicated, talented, and passionate people that make Tria so exceptional. As a company that cares about people, we seek to cultivate a culture in which all can thrive personally and professionally. We offer a top-tier benefits package to invest in your physical, mental, and financial health and wellness so that you can be your best self - at work and in life. At Tria, we are growth-minded, entrepreneurial in spirit, and committed to fostering a culture of inclusion and opportunity for all.
Equal Employment Opportunity (EEO): Tria Federal (Tria) is a Federal Contractor and EEO, OFCCP, VEVRAA, and Affirmative Action Employer. As an Equal Employment Opportunity provider, Tria follows the protection of federal, state, and local law: Qualified applicants will receive consideration for employment without regard to race, color, creed, religion, age, national origin, marital status, disability, veteran status, sexual orientation, gender identity or expression, marital status, or genetic information. U.S. Citizenship is required for this specific opportunity as Tria is unable to sponsor at this time.
#J-18808-Ljbffr
Who You Are: You are a talented Security Architect with at least 4+ years of experience and a passion for thinking big, taking action, and delivering exceptional results. You are outcome-driven, quality-obsessed, and relentlessly focused on innovation as a value driver for world-class delivery, client satisfaction, and performance. You’re looking to grow as a professional in a team-oriented environment where you can put your fingerprint on mission-critical projects impacting the citizens we serve.
About This Role: Tria Federal (Tria) is seeking a talented Security Architect to join our team. The Security Architect supports the implementation of Portfolio and Product Line Architecture across the Department of Veterans Affairs Office of Information & Technology (VA OIT) by gathering and analyzing security artifacts as part of an integrated Enterprise Architecture in accordance with the VA EA Architecture Development Methodology (ADM). The Security Architect analyzes models to determine gaps and areas of concern as well as design the target state for improving cybersecurity compliance and reducing risk profiles across the Enterprise. The Security Architect, in collaboration with VA business and OIT stakeholders, proposes solutions and creates epics that improve security compliance and risk reduction in each product line.
Responsibilities: General understanding of cybersecurity principles, best practices, and industry standards, including confidentiality, integrity, and availability (CIA triad), as well as common attack vectors and threat actors. Ability to understand and interpret comprehensive security architectures that address the organization's risk profile, compliance requirements, and business objectives. Proficiency in secure network architectures, including firewalls, intrusion detection/prevention systems (IDS/IPS), VPNs, network segmentation, and secure remote access solutions. Experience with securing cloud environments (e.g., AWS, Azure, Google Cloud) and services, including identity and access management (IAM), data encryption, network security groups, and cloud security posture management (CSPM) tools, and an understanding of shared responsibility between the cloud provider and the end user. Knowledge of secure coding practices, web application firewalls (WAFs), secure software development life cycle (SDLC) methodologies, and vulnerability assessment tools to mitigate application-layer risks. Expertise in Identity and Access Management (IAM) technologies and solutions, including single sign-on (SSO), multi-factor authentication (MFA), role-based access control (RBAC), and privileged access management (PAM). Understanding of endpoint security controls, including antivirus/antimalware solutions, host intrusion detection/prevention systems (HIDS/HIPS), endpoint detection and response (EDR), and device encryption. Familiarity with data encryption, tokenization, data loss prevention (DLP), and data classification techniques to protect sensitive data at rest, in transit, and during processing. Knowledge of Security Operations Center (SOC) processes, incident response procedures, threat hunting techniques, and security information and event management (SIEM) platforms for proactive threat detection and response. Ability to conduct risk assessments, threat modeling, and security risk analyses to identify, prioritize, and mitigate security risks effectively. Ability to communicate security risks and recommendations to technical and non-technical stakeholders, as well as to document security architecture designs and requirements. Basic project management skills to plan, coordinate, and execute security projects, including resource allocation, budgeting, and timeline management.
The “Need-to-Have” Skills & Qualifications: Understanding of Compliance and Industry Regulations (e.g., GDPR, HIPAA, PCI DSS), compliance requirements, and security frameworks (e.g., NIST, ISO 27001) to ensure adherence to legal and regulatory standards. Must have a good working knowledge of foundational cloud aspects and architectures. Must understand encryption types (symmetric / asymmetric) as well as encryption algorithms such as RSA and DSA. Must have a strong communication skillset to be able to translate security points to government customers.
Professional Certifications: CISSP (Certified Information Systems Security Professional)
Education: Bachelor’s Degree
Clearance: Ability to obtain and maintain Public Trust
Years of Professional Experience: 4 years (at least 2 years of Cloud Experience)
The “Nice-to-Have” Skills & Qualifications: Prefer candidate to have strong knowledge and an understanding of security best practices with cloud architectures and the ability to use cloud-based tools to audit environments for compliance. Familiarity with API’s (Application Programming Interfaces) and API types. Desired understanding of DISA STIG (Security Technical Implementation Guide).
Professional Certifications: AWS / Azure / Google Cloud (Foundational and security-based)
Why Tria? What defines the Tria brand is more than just our dedication to excellence in our craft; it’s our incredible team of dedicated, talented, and passionate people that make Tria so exceptional. As a company that cares about people, we seek to cultivate a culture in which all can thrive personally and professionally. We offer a top-tier benefits package to invest in your physical, mental, and financial health and wellness so that you can be your best self - at work and in life. At Tria, we are growth-minded, entrepreneurial in spirit, and committed to fostering a culture of inclusion and opportunity for all.
Equal Employment Opportunity (EEO): Tria Federal (Tria) is a Federal Contractor and EEO, OFCCP, VEVRAA, and Affirmative Action Employer. As an Equal Employment Opportunity provider, Tria follows the protection of federal, state, and local law: Qualified applicants will receive consideration for employment without regard to race, color, creed, religion, age, national origin, marital status, disability, veteran status, sexual orientation, gender identity or expression, marital status, or genetic information. U.S. Citizenship is required for this specific opportunity as Tria is unable to sponsor at this time.
#J-18808-Ljbffr