Enterprise Security Architect, Lead

McLean, VAFull-time$86.8k–$198kPosted Jul 13, 2026
Apply
Enterprise Security Architect, Lead

The Opportunity:

Security must be architected, not bolted on. You understand how to embed security into every layer of an enterprise system, from data pathways to identity flows, to network segmentation and cloud control planes. We are seeking an Enterprise Security Architect to design security solutions for clients with complex network, platform, and data-protection needs implementing solutions that withstand advanced cyber threats. In this role, you will help define, enhance, implement, and maintain security solutions for one or more networks and technology platforms while guiding adherence to information security policies and procedures.


In this role, you will apply risk modeling and secure design methodologies to develop tailored controls for client and industry exposures, then translate those designs into practical architectures for network and application deployments. You will advise on security technologies and communicate security complexities clearly to technical teams, stakeholders, and senior management. You will partner with engineering teams, cybersecurity SMEs, cloud or platform owners, and business stakeholders. You’ll assess current-state environments, identify architectural gaps, evaluate emerging technologies, and build roadmaps that advance enterprise security maturity. This is an opportunity to shape hardened systems that support the mission, and to learn from a team of experts while doing it.

Join us. The world can’t wait.


You Have:

  • 7+ years of experience in cybersecurity
  • 3+ years of experience in security architecture or security design
  • Experience designing enterprise-scale secure cloud or hybrid architectures, and developing architecture documents such as diagrams, models, SSPs, and data flows
  • Experience with network security appliances using technologies such as F5 or Palo Alto
  • Experience with data security engineering, including DLP, encryption at rest and in transit, and tokenization
  • Experience with security technologies such as HSMs, SASE, and cloud security platforms
  • Knowledge of Zero Trust architectures, NIST SP 800‑53 or 800‑207, and secure engineering principles
  • Knowledge of enterprise information security architecture, information assurance, and network security
  • Secret clearance
  • Bachelor's degree


Nice If You Have:

  • Experience with cloud security platforms such as AWS, Azure, or Google Cloud
  • Experience with enterprise logging, SIEM or SOAR integrations, and detection engineering alignment
  • Experience supporting compliance or accreditation processes, including RMF, ATO, FedRAMP, and ICD 503
  • Experience with Agile development methodologies and DevSecOps practices
  • Experience with container or Kubernetes security and micro-segmentation
  • Experience creating reusable secure architecture patterns or reference designs
  • Experience working in a fast-paced environment with multiple stakeholders and priorities
  • Knowledge of cybersecurity frameworks and standards such as NIST, ISO 27001, and COBIT
  • TS/SCI clearance
  • Security Architecture Certification such as CISSP-ISSAP or TOGAF Certification

Clearance:

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Secret clearance is required.

Compensation

At Booz Allen, we celebrate your contributions, provide you with opportunities and choices, and support your total well-being. Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, work-life programs, and dependent care. Our recognition awards program acknowledges employees for exceptional performance and superior demonstration of our values. Full-time and part-time employees working at least 20 hours a week on a regular basis are eligible to participate in Booz Allen’s benefit programs. Individuals that do not meet the threshold are only eligible for select offerings, not inclusive of health benefits. We encourage you to learn more about our total benefits by visiting the Resource page on our Careers site and reviewing Our Employee Benefits page.

Salary at Booz Allen is determined by various factors, including but not limited to location, the individual’s particular combination of education, knowledge, skills, competencies, and experience, as well as contract-specific affordability and organizational requirements. The projected compensation range for this position is $86,800.00 to $198,000.00 (annualized USD). The estimate displayed represents the typical salary range for this position and is just one component of Booz Allen’s total compensation package for employees. This posting will close within 90 days from the Posting Date.

Identity Statement

As part of the hiring process, we will ask you to complete an identity verification process that leverages advanced biometrics and artificial intelligence to ensure authenticity and protect against identity fraud. You are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud.

Candidate AI Usage Policy

AI is a part of our daily work at Booz Allen, and we are committed to the responsible and ethical use of AI tools. However, we want to ensure a fair candidate process based on your own skills and knowledge. As part of this commitment, the use of artificial intelligence (AI) or other tools to assist with responses during interviews (whether in-person or virtual) is prohibited unless permission is explicitly provided.

Work Model
Our people-first culture prioritizes the benefits of collaboration, whether it occurs in person or virtually. To support engagement and effective communication, employees working virtually are generally expected to have their cameras on during meetings.

  • Remote: If this position is listed as remote, there may still be occasions when you are required to work in person at a Booz Allen or customer facility.

  • Hybrid: If this position is listed as hybrid, you will be expected to work from a Booz Allen facility frequently, in alignment with leadership expectations and the needs of the role. You may also be required to work from or visit a customer facility.

  • Onsite: If this position is listed as onsite, work will primarily be performed at a Booz Allen office or customer facility, where employees will collaborate directly with colleagues and customers as required by the role.

Commitment to Non-Discrimination

All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, local, or international law.

Want jobs like this matched to you?

Swoopd scores fresh postings against your résumé so you only see the matches that matter.

Get started free