Information Security Cloud Architect (HYBRID)

Description

About Dragonfli Group:

Dragonfli Group is a Washington, DC-based consulting firm specializing in cybersecurity and IT services for government agencies and large commercial enterprises. Our mission is to provide cutting-edge security solutions that help organizations safeguard their digital assets, ensure regulatory compliance, and mitigate evolving cyber threats. With a team of experienced professionals, we deliver expert security consulting, risk management, and cloud security solutions tailored to the unique challenges of our clients.

Job Summary:

We are seeking a highly skilled Senior Information Security Architect with deep expertise in AWS security architecture to lead security initiatives for a large commercial enterprise client. The ideal candidate will have a strong foundation in Information Security principles, including Business Security Architecture, Threat Modeling, and Data Security (e.g., encryption, masking, tokenization, data access controls). The role requires hands-on experience designing and implementing secure AWS cloud solutions, ensuring compliance with enterprise cloud security policies, standards, procedures, and industry best practices (e.g., NIST, OWASP).

The Senior InfoSec Architect will collaborate with Product Owners, Enterprise Architects, and other key stakeholders to define and implement security architectures that align with business goals while mitigating risk. This is a high-impact role that demands a strategic mindset, leadership skills, and deep technical expertise.

Work Arrangement: HYBRID

This role is primarily remote; however, it requires one day per week on-site in Reston, Virginia.

Key Responsibilities:

• Lead AWS Security Architecture Initiatives: Provide strategic direction and technical leadership for security design in AWS environments.
• Threat Modeling & Risk Assessments: Develop and implement robust security threat models and risk assessments.
• Secure System Design: Architect and enforce security standards for applications, APIs, and data in AWS cloud environments.
• Data Security & Encryption: Define and implement best practices for data protection, including encryption, key management, tokenization, and secure data access controls.
• DevSecOps & CI/CD Pipeline Security: Integrate security controls into DevSecOps pipelines, ensuring compliance with best practices.
• IAM & Access Control Management: Design and enforce secure Identity and Access Management (IAM) policies.
• Compliance & Regulatory Alignment: Ensure solutions comply with industry standards such as NIST, OWASP, CIS, FEDRamp, ISO, SOX.
• Incident Response & Security Monitoring: Collaborate with Security Operations to define monitoring strategies, SIEM configurations, and threat detection mechanisms.
• Stakeholder Collaboration: Work cross-functionally with Enterprise Architects, Product Owners, and Security Teams to align security strategy with business objectives.

Experience Level:

• A minimum of 8–12 years of experience in information security architecture, cloud security, and AWS security solutions.
• At least 5 years of hands-on experience in AWS security architecture and cloud security implementations.
• Demonstrated leadership experience in leading security initiatives, developing security frameworks, and collaborating with enterprise stakeholders.

Why Join Us?

• Work on high-impact AWS security projects with cutting-edge technologies.
• Collaborate with industry-leading security professionals in a fast-paced environment.
• Competitive salary and benefits package.
• Opportunity to lead AWS security strategy and innovation within a forward-thinking organization.

If you are a Senior Information Security Architect with expertise in AWS security architecture, we encourage you to apply and join a team committed to securing the cloud environment of the future.

Office Address

Requirements

Must-Have Qualifications:

AWS Cloud Security Expertise:

• Proven track record in AWS security architecture and expertise in AWS services (Compute, IAM, RDS, Resource Policies, Network, Messaging, Data Storage, CI/CD, AI/ML, ETL, Serverless, ECS/EKS).
• Strong knowledge of AWS security pillars, best practices, and AWS Well-Architected Framework.
• AI/ML security experience is preferred.

Information Security Architecture:

• Deep expertise in Application Security, Threat Modeling, API Security, DevSecOps, Infrastructure Security, Authentication/Authorization (AuthN/Z), Encryption, and Key Management.
• Hands-on experience with SIEM, CSPM, CWPP, Access Controls, and Container Security.

Systems Architecture & Integration:

• Strong background in System Design, API-driven Architecture, Open Standards, Stateless Applications, High Availability, and Resilient System Architectures.
• Experience integrating AWS security controls across multi-cloud and hybrid cloud environments.

Nice-to-Have Qualifications:

• AWS Advanced Certifications (AWS Certified Security – Specialty, AWS Certified Solutions Architect – Professional).
• Security Certifications (CISSP, CCSP, or equivalent).
• Experience in zero-trust architectures, security automation, and cloud-native security solutions.
• Familiarity with federal compliance frameworks such as FEDRamp and CMMC.
• Previous experience working as a consultant or contractor in a cybersecurity or cloud security role.

Skill(s)

Benefits

PTO

Insurance - Health, Dental, & Vision

401K, employer match

Travel

Salary