About INflow Federal - founded in 2013, INflow Federal is a mission-driven small business delivering cutting-edge solutions to the Department of War (DoW) and Joint Force operations across 20+ states. Our strength comes from our people - especially the Veterans who make up over 50% of our workforce. Through our Veteran Outreach Program and employee-first culture, we invest deeply in professional growth, well-being, and innovation. Known for our agility, transparency, and integrity, INflow combines real-world experience with emerging technologies like AI/ML to help our customers lead in a rapidly evolving defense landscape. We empower both our employees and mission partners to stay ahead - driving smarter, faster, and more secure outcomes.
INflow Federal is seeking a Security Architect/Engineer to design, implement, and sustain secure enterprise architectures for a modernized Department of Defense (DoD) information system. The Security Architect will ensure systems meet stringent security, compliance, and operational standards through defense-in-depth engineering, Zero Trust implementation, and RMF control integration across IL environments. This position plays a key role in establishing secure architectures that protect sensitive mission data while enabling operational agility, interoperability, and compliance with DoD cybersecurity mandates. This is a fully remote position.
Here, your work is more than a job - it’s a journey in innovation. With opportunities to work on high-impact projects, access to the latest technologies, and a culture that thrives on creativity and collaboration, INflow Federal is where your expertise can truly make a difference.
Lead the design and implementation of secure system architectures across multiple IL environments (IL2–IL5) in compliance with DoD and NIST standards
Define and validate security requirements throughout the system lifecycle, including hardware, software, and cloud components
Conduct risk assessments, security architecture reviews, and threat modeling to identify and mitigate vulnerabilities
Develop and maintain architecture diagrams, data flow mappings, and control baselines for ATO documentation and continuous monitoring
Implement Zero Trust principles including segmentation, strong identity management, encryption, and telemetry integration
Support and maintain RMF accreditation artifacts (SSP, SAR, POA&M, etc.) and ensure traceability to implemented controls
Integrate security automation and continuous compliance within DevSecOps pipelines using tools such as Tenable ACAS, AWS Inspector, and Twistlock
Collaborate with network, platform, and application teams to align technical implementations with cybersecurity policy and architecture standards
Define and enforce data protection and key management solutions (KMS, TDE, PKI) within AWS GovCloud and hybrid environments
Support vulnerability management, remediation tracking, and penetration testing coordination
Maintain awareness of evolving DoD cyber policies, cloud standards, and emerging security technologies to proactively improve posture
Lead technical deep dives and architecture reviews for proposed changes to ensure secure system evolution
Contribute to incident response readiness, ensuring forensic tools, audit logs, and alerting mechanisms are in place
Provide guidance and mentorship to engineers and administrators on secure configuration management, encryption, and boundary protection
Deep understanding of DoDI 8510.01 (RMF), NIST SP 800-53/171, and DISA STIG/SRG compliance frameworks
Expertise in cloud security architecture and Zero Trust implementation
Experience with encryption standards, data loss prevention (DLP), and secure identity management (SAML, OAuth, MFA)
Proficiency with AWS GovCloud, container security, and Infrastructure as Code (IaC) security
Familiarity with network security principles, firewall design, VPNs, and segmentation
Knowledge of continuous monitoring tools such as Splunk, ELK Stack, CloudWatch, and GuardDuty
Experience supporting ATO/renewal efforts, POA&M closure, and security audit responses
Strong analytical, architectural, and documentation skills
Ability to evaluate technical designs for compliance and security effectiveness
Excellent communication skills for presenting complex topics to technical and non-technical audiences
Strong collaboration across development, cybersecurity, and program management teams
Commitment to proactive risk management and secure modernization
Preferred certifications: CISSP, CISM, or CompTIA Advanced Security Practitioner (CASP+); AWS Certified Security – Specialty; CompTIA Security+ CE (DoD 8570 baseline); Certified Cloud Security Professional (CCSP)
Bachelor’s degree in Cybersecurity, Computer Science, or a related technical field, or equivalent combination of education, technical training, or work/military experience
Minimum 7 years of experience in cybersecurity engineering, architecture, or secure system design for federal or defense environments
Experience developing and enforcing security architectures and control frameworks in AWS GovCloud IL4/IL5
Proven experience integrating security into Agile or DevSecOps pipelines and performing RMF-compliant design reviews
Active DoD Top Secret (SCI preferred)
United States·ArlingtonRemotemid