Lead Infrastructure and Cybersecurity Architect

• Design build and maintain secure resilient and scalable core infrastructure across on-premises cloud hybrid and multi-site environments. Drive modernization initiatives including cloud integration virtualization software-defined networking LAN/WAN SD-WAN VPN network segmentation and Infrastructure as Code automation .
• Evaluate integrate and govern enterprise network technologies including routers switches firewalls IDS/IPS NAC load balancing encryption wireless and secure connectivity solutions.
• Implement configure tune and improve security monitoring technologies including endpoint protection SIEM/SOAR Microsoft Defender Microsoft Sentinel logging alerting dashboards and incident-response integrations.
• Architect administer and support Microsoft GCC High Azure Government and hybrid commercial cloud environments in accordance with federal security requirements. Govern foundational systems backup environments identity endpoint collaboration monitoring and data protection capabilities.
• Implement and govern secure cloud and hybrid architectures using Microsoft Entra ID Conditional Access MFA/PIM Intune Purview AvePoint and related tools to support resource protection access control monitoring and compliance.
• Secure and harden foundational IT components including software development environments databases endpoints servers cloud resources and network devices by applying DISA STIGs configuration baselines vulnerability remediation and risk mitigation strategies.
• Provide hands-on technical support during security incidents including investigation containment remediation recovery documentation and follow-up hardening.
• Architect and oversee disaster recovery and business continuity strategies including backup validation recovery planning high availability resilience and continuity of critical infrastructure and business systems.
• Supports the evaluation implementation and secure operation of approved AI-enabled tools and workflows in accordance with organizational security risk mitigation and compliance requirements .

• Lead the technical implementation and sustainment of GRC controls aligned with CMMC Level 2 NIST SP 800-171/800-53 DFARS DISA STIGs and applicable DoD cybersecurity requirements. Support internal assessments remediation planning customer reviews and external C3PAO assessments.
• Develop and maintain compliance and engineering artifacts including System Security Plans POA&Ms configuration management documentation HLDs/LLDs network diagrams technical standards implementation plans incident response procedures and security control evidence.
• Provide technical architecture and infrastructure support for secure rooms classified or controlled environments and related systems in coordination with the ISSM FSO security compliance facilities and program teams.
• Partner across engineering cybersecurity compliance facilities program management customer stakeholders and vendors to embed security throughout the system lifecycle. Participate in architecture reviews risk assessments vendor evaluations change management and IT Configuration Control Board activities.
• Prepare and maintain technical roadmap s and standards for infrastructure cybersecurity tooling cloud architecture network modernization endpoint management disaster recovery secure AI adoption and compliance sustainment.
• Provide technical guidance and mentorship to engineering and technical staff to build organization-wide capability in secure design cloud operations infrastructure engineering and cybersecurity practices.
• Evaluate emerging technologies threats and industry trends to guide strategic upgrades while balancing long-term architecture goals with operational needs.

• Active Secret Clearance
• Bachelor's degree in Computer Science Information Technology Engineering Cybersecurity or a related field or equivalent professional experience.
• 10+ years of progressive experience in enterprise infrastructure architecture network engineering cybersecurity architecture cloud security systems architecture or related technical roles.
• Experience supporting DoD Federal Government defense contractor or similarly regulated environments.
• Advanced knowledge of enterprise network and infrastructure architecture including routing switching firewalls VPNs wireless VLANs network segmentation secure connectivity and high availability / disaster recovery architectures.
• Experience designing administering or supporting Microsoft GCC High Azure Government or comparable secure cloud identity endpoint collaboration monitoring or data protection environments.
• Strong working familiarity with CMMC Level 2 NIST SP 800-171 RMF DFARS cybersecurity requirements DISA STIGs and related DoD cybersecurity expectations.
• Hands-on experience with security hardening vulnerability management vulnerability remediation configuration baselines endpoint protection access control logging SIEM/security monitoring and incident response support including Microsoft Sentinel or comparable platforms.
• Ability to translate business program compliance e ngineering and emerging technology needs into secure technical architecture implementation plans and operational documentation.
• Ability to mentor technical teammates collaborate effectively across engineering cybersecurity compliance facilities and program teams and influence outcomes without direct management authority.

• Active Top Secret or TS/SCI security clearance.
• Direct involvement in CMMC Level 2 sustainment C3PAO or DIBCAC assessments secure rooms classified systems SSPs POA&Ms audit evidence and continuous compliance.
• Deep knowledge of Microsoft GCC High Azure Government Entra ID Intune Defender Sentinel Purview Conditional Access MFA/PIM Zero Trust Architecture FedRAMP DoD SRG or related federal cloud/security frameworks.
• Familiarity with Cisco Palo Alto Fortinet Aruba Juniper or comparable network platforms.
• Windows/Linux server administration and infrastructure automation using tools such as Windows Server Ubuntu RHEL Terraform Ansible Bicep PowerShell Bash or Python .
• Secure AI architecture and governance including approved tools workflows access controls logging monitoring and data boundary protections.
• Relevant certifications such as CISSP CISM CCNP CCIE Microsoft Cybersecurity Architect Expert Microsoft Azure Solutions Architect Expert Certified CMMC Professional Security+ Network+ or SANS/GIAC .

• Must possess exceptional written and verbal English communication skills with the ability to convey complex technical concepts to both technical and non-technical audiences.
• Ability to multitask across multiple programs manage competing priorities and maintain high focus in a fast-paced environment.
• Ability to navigate an office or server room setting including prolonged periods at a workstation.
• Ability to bend kneel crouch or reach to install inspect or maintain IT hardware server racks and cabling.
• Close visual acuity required for analyzing data engineering diagrams and extensive reading.
• Fine motor skills and dexterity to manipulate small technical devices and components.
• Ability to occasionally lift move and set up infrastructure equipment weighing up to 35 lbs.

What We Do

Caliola Engineering LLC’s staff of systems security and software engineers team with PhD researchers to identify and solve mission-critical problems for customers across the US Government. We have subject matter expertise in wireless communications cryptography protected MILSATCOM software defined radio and unmanned airborne systems. Our team has experience developing and transitioning innovative technologies to Programs of Record. We are a 100% woman owned small business (WOSB) headquartered in Colorado Springs CO. We focus on NAICS codes 541715 (Research and Development in the Physical Engineering and Life Sciences) and 541330 (Engineering Services).

Why Work With Us

This is an opportunity to join a rapidly-growing and inclusive team that is solving tough problems. Caliola offers a flexible collaborative and open culture that is unique in the defense industry. We offer generous benefits including subsidized health insurance Open PTO 401(k) matching and a scalable competitive pay structure.

Gallery