Enterprise Cloud Security Architect

The Opportunity:

The Enterprise Cloud Security Architect provides architecture leadership across Booz Allen'sEnterprise.This role requires deep technicalexpertiseacross AWS, Azure, and GCP cloud platforms, shaping how engineering teams design and implementsecure by designcloud andhybridsolutions. The architect develops andmaintainsenterprise security standards, cloud governance models, andmulticloudreference architectures, ensuring alignment with Booz Allen's global security strategy andmulticloudvision. The position plays a critical role in advancing scalable, secure, and compliant cloud environments that support enterprise businessobjectives. We need you to help us develop cloud-based security architectures for some of the Intelligence Community(IC)'s most critical systems.

The Enterprise Cloud Security Architect will serve as amulticloudarchitecture SMEacross AWS, Azure, and GCP, providingdesign levelleadership and guidance to engineering teams.Lead the interpretation and adoption ofmulticloudgovernance models, including AWS Control Tower, Azure Landing Zones, and GCP Organization Structures, to support secure and automated enterprise environments. Translate security strategies intocloud agnosticarchitectural patterns, standards, and reference architectures implemented across engineering teams.Contribute to shaping Booz Allen's enterprise cloud and cybersecurity capabilities by developing convergedmulticloudarchitectural approaches aligned with innovation, governance, risk management, and modernization goals.

Lead architectural and design reviews to ensure alignment with reference architectures, enterprise security controls, and compliance frameworks.Communicate architectural direction across teams and stakeholders to support consistency, clarity, andsecure-by-designdecision making.Maintain deep understanding of cloud security, automation, networking, and identity to effectively evaluate and influence engineering solutions and technical implementations. This position is located in Reston, Virginia.

Join us. The world can't wait.

You Have:

• 10+ years ofexperiencein enterprise security architecture, cloud architecture, or cybersecurity engineering roles, utilizing cloud-native functionality as well as COTs, GOTS, and open-source tools to meet your objectives.

• Experience integrating cybersecurity tools and capabilities in an enterprise environment, modernizing cybersecurity capabilities by pushing functionality closer to the edge, closer to the workload, and operating in a distributed manner

• KnowledgeofInfrastructure codeconcepts such as Terraform, CloudFormation, or Bicep toprovidearchitectural guidance

• Knowledgeof multicloudgovernance and automationsuch as AWS Control Tower, Azure Landing Zones, or GCP OrgPolicies

• Knowledgeof multicloudnetworking models, including segmentation, routing, andhybridconnectivity

• Knowledgeof Cloud security controls, compliance frameworks, and security telemetry ecosystems

• Knowledgeof modern cybersecurity frameworks, includingZero Trustprinciples andsecure by designmethodologies

• Active TS/SCI clearance; willingness to take a polygraph exam

• Associate's degree and 5+ years of experience supporting IT projects and activities, Bachelor's degree and 3+ years of experience supporting IT projects and activities, or Master's degree and 1+ years of experience supporting IT projects and activities

• Ability to obtain a DoD 8570 IAT Level II Certification such as Security+ CE, CCNA-Security, GSEC, SSCP, CySA+, GICSP, or CND Certification within 30 days of start date

Nice If You Have:

• Experienceproducing enterprise architecture artifacts such as reference architectures, design patterns, standards, and decision records

• Experiencewith cloud modernization andmulticloudstrategy drivers such as innovation, portability, governance consolidation, and vendorvariation

• Knowledgeofcloud nativesecurity, identity, and platform capabilities across all three major cloud providers

• Ability toevaluate, guide, and improve architectural designs created by engineering and delivery teams and create and maintain realistic roadmaps of solution development and improvement activities

• MulticloudCertifications, such as AWS, Azure, or GCPCertifications

Clearance:

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; TS/SCI clearance is required.

Compensation

At Booz Allen, we celebrate your contributions, provide you with opportunities and choices, and support your total well-being. Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, work-life programs, and dependent care. Our recognition awards program acknowledges employees for exceptional performance and superior demonstration of our values. Full-time and part-time employees working at least 20 hours a week on a regular basis are eligible to participate in Booz Allen's benefit programs. Individuals that do not meet the threshold are only eligible for select offerings, not inclusive of health benefits. We encourage you to learn more about our total benefits by visiting the Resource page on our Careers site and reviewing Our Employee Benefits page.

Identity Statement

As part of the hiring process, we will ask you to complete an identity verification process that leverages advanced biometrics and artificial intelligence to ensure authenticity and protect against identity fraud. You are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud.

Candidate AI Usage Policy

AI is a part of our daily work at Booz Allen, and we are committed to the responsible and ethical use of AI tools. However, we want to ensure a fair candidate process based on your own skills and knowledge. As part of this commitment, the use of artificial intelligence (AI) or other tools to assist with responses during interviews (whether in-person or virtual) is prohibited unless permission is explicitly provided.

Work Model
Our people-first culture prioritizes the benefits of collaboration, whether it occurs in person or virtually. To support engagement and effective communication, employees working virtually are generally expected to have their cameras on during meetings.

• Remote: If this position is listed as remote, there may still be occasions when you are required to work in person at a Booz Allen or customer facility.

• Hybrid: If this position is listed as hybrid, you will be expected to work from a Booz Allen facility frequently, in alignment with leadership expectations and the needs of the role. You may also be required to work from or visit a customer facility.

• Onsite: If this position is listed as onsite, work will primarily be performed at a Booz Allen office or customer facility, where employees will collaborate directly with colleagues and customers as required by the role.

Commitment to Non-Discrimination

All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, local, or international law.