Zero Trust Junior Architect

Job Family:

Cyber Consulting

Travel Required:

Up to 10%

Clearance Required:

Ability to Obtain Public Trust

What You Will Do:

Our Cybersecurity Consultants are a team of business integrators with extensive consulting and industry experience who help our clients solve their complex business issues from strategy through execution. A career in an integrated team of developers and consultants provides the opportunity to grow and contribute to our clients' business issues every day, applying a collection of security spectrum capabilities, including security strategy and governance, IT risk, security technologies, and cybercrime and breach response.

We are seeking an experienced Zero Trust Junior Architect to lead the design, assessment, and implementation of Zero Trust architecture across all security pillars. This role is ideal for a strategic thinker and hands-on technologist who thrives in dynamic environments and is passionate about advancing cybersecurity maturity across complex organizations. Must bring deep expertise in Zero Trust principles, with hands-on experience on industry-leading security platforms and a strong understanding of emerging trends and government-driven maturity frameworks (CISA Zero Trust Maturity Model(s) and DoD Zero Trust Strategy).

This role will be responsible for guiding enterprise security transformation initiatives, conducting detailed maturity assessments, and providing architectural leadership to ensure secure, scalable, and resilient solutions for our federal government clients.

Key Responsibility Areas include, but are not limited to:

Zero Trust Architecture & Strategy

• Design, document, and maintain enterprise Zero Trust architectures spanning identity, device, network/environment, application/workload, and data pillars.
• Define strategic roadmaps and reference architecture aligned with organizational objectives and mission requirements.
• Partner with cross-functional teams to embed Zero Trust principles into technology modernization efforts, cloud transitions, and cybersecurity initiatives.
• Partner with cybersecurity, network engineering, cloud, DevSecOps, and governance teams to ensure cohesive implementation and maturity.
• Perform organizational assessments using the CISA Zero Trust Maturity Model.
• Produce gap analyses and prioritized remediation plans aligned with maturity expectations.

Technology Expertise & Implementation

• Evaluate and architect solutions leveraging leading Zero Trust technologies, particularly:
  • CrowdStrike (endpoint detection and response, identity protection).
  • Zscaler (Zero Trust access, secure web gateway, private access).
  • Okta (identity and access management, MFA, lifecycle management).
• Automate Zero Trust processes to improve scalability, efficiency, and compliance while adhering to established security policies.
• Support solution engineering, configuration guidance, integration patterns, and proof-of-concept deployments across hybrid and multi-cloud environments.

Industry Research & Thought Leadership

• Continuously monitoring emerging Zero Trust trends, frameworks, technologies, and threat intelligence.
• Advise senior leadership on advancements and evolving best practices in Zero Trust architecture and secure-by-design methodologies.
• Develop documentation, whitepapers, or briefings to support executive decision-making.

What You Will Need:

• Minimum of EIGHT (8) years of experience in IT or managing large-scale deployments and cross-functional technical teams with five (5) years of US Federal government consulting experience.
• Bachelors degree
• US Citizenship is required
• Must be able to OBTAIN and MAINTAIN a Federal or DoD "PUBLIC TRUST"; candidates must obtain approved adjudication of their PUBLIC TRUST prior to onboarding with Guidehouse. Candidates with an ACTIVE PUBLIC TRUST or SUITABILITY are preferred
• Experience working in federal civilian, defense contractor, or highly regulated environments.
• Experience leading teams for IT security operations, threat response, or security architecture development, including IAM system requirements, design, implementation, integration, testing, or change management.
• Demonstrated expertise across all pillars of Zero Trust (identity, device, network/environment, application/workload, data).
• Hands-on experience with Zero Trust technology platforms (e.g., CrowdStrike Falcon, Zscaler, and Okta).
• Familiarity with CrowdStrike Falcon for scoring, analytics, and enforcement.
• Hands-on experience with automating security workflows and integrating Zero Trust technology platforms.
• Deep understanding of identity-centric security, segmentation, continuous monitoring, and least privileged access.
• Experience designing secure cloud architectures (AWS, Azure, or Google Cloud).
• Demonstrated ability to lead enterprise-scale architecture efforts and communicate effectively with both technical and executive stakeholders.
• Excellent verbal and written communication skills, with the ability to articulate technical issues and project goals to both technical and non-technical audiences.
• Strong people skills managing a diverse set of stakeholders and direct client management experience.
• Strong analytical and problem-solving skills.
• Ability to obtain and maintain an active security clearance.

What Would Be Nice To Have:

• Active security clearance.
• Project Management Professional (PMP) certification or Certified ScrumMaster (CSM) certification.
• Certifications such as CISSP, CCSP, CISM, ISC2   Zero Trust Strategy Certificate, Okta Certified Professional, Zscaler ZCCA-IA / ZCCP-IA, or CrowdStrike certifications.
• Knowledge of NIST 800-53, 800-207, RMF, FedRAMP, and related frameworks.
• Experience with SIEM, SOAR, SASE, and identity threat detection and response technologies.
• Strong practical experience applying and assessing organizations against DoD and CISA Zero Trust Maturity Models.

The annual salary range for this position is $130,000.00-$216,000.00. Compensation decisions depend on a wide range of factors, including but not limited to skill sets, experience and training, security clearances, licensure and certifications, and other business and organizational needs.

What We Offer:

Guidehouse offers a comprehensive, total rewards package that includes competitive compensation and a flexible benefits package that reflects our commitment to creating a diverse and supportive workplace.

Benefits include:

• Medical, Rx, Dental & Vision Insurance

• Personal and Family Sick Time & Company Paid Holidays

• Position may be eligible for a discretionary variable incentive bonus

• Parental Leave and Adoption Assistance

• 401(k) Retirement Plan

• Basic Life & Supplemental Life

• Health Savings Account, Dental/Vision & Dependent Care Flexible Spending Accounts

• Short-Term & Long-Term Disability

• Student Loan PayDown

• Tuition Reimbursement, Personal Development & Learning Opportunities

• Skills Development & Certifications

• Employee Referral Program

• Corporate Sponsored Events & Community Outreach

• Emergency Back-Up Childcare Program

• Mobility Stipend

About Guidehouse

Guidehouse is an Equal Opportunity Employer–Protected Veterans, Individuals with Disabilities or any other basis protected by law, ordinance, or regulation.

Guidehouse will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of applicable law or ordinance including the Fair Chance Ordinance of Los Angeles and San Francisco.

If you have visited our website for information about employment opportunities, or to apply for a position, and you require an accommodation, please contact Guidehouse Recruiting at 1-571-633-1711 or via email at RecruitingAccommodation@guidehouse.com. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodation.

All communication regarding recruitment for a Guidehouse position will be sent from Guidehouse email domains including @guidehouse.com or guidehouse@myworkday.com.  Correspondence received by an applicant from any other domain should be considered unauthorized and will not be honored by Guidehouse.  Note that Guidehouse will never charge a fee or require a money transfer at any stage of the recruitment process and does not collect fees from educational institutions for participation in a recruitment event. Never provide your banking information to a third party purporting to need that information to proceed in the hiring process.

If any person or organization demands money related to a job opportunity with Guidehouse, please report the matter to Guidehouse’s Ethics Hotline. If you want to check the validity of correspondence you have received, please contact recruiting@guidehouse.com. Guidehouse is not responsible for losses incurred (monetary or otherwise) from an applicant’s dealings with unauthorized third parties.

Guidehouse does not accept unsolicited resumes through or from search firms or staffing agencies. All unsolicited resumes will be considered the property of Guidehouse and Guidehouse will not be obligated to pay a placement fee.