Lead Discovery Architect (Cyber Compliance & GRC)

Job Overview \& Responsibilities:

The Lead Discovery Architect of our Cyber Strike Pods anchors the Assessment\-Led Operating Model by converting raw telemetry into defensible decisions and prioritized, time\-bound remediation plans aligned to NIST SP 800\-207 and the CISA Zero Trust Maturity Model. The Lead Discovery Architect leads high\-velocity discovery assessments to find flaws and architect the cybersecurity foundations required to sever attack paths across on\-premises Active Directory, Entra ID (Azure AD), and the emerging world of Agentic AI. This role operates as the discovery authority and chief architect for a multi\-disciplinary pod, owning technical direction, quality, and executive communications across assessment, prioritization, and proof\-of\-remediation. Given the U.S. Public Sector context, this role works within ATO constraints and handles sensitive data appropriately while coordinating with compliance owners (e.g., FISMA/FedRAMP/CMMC) to ensure evidence and artifacts support accreditation updates. Duties and Responsibilities:

• Direct technical discovery within Active Directory (AD) and Entra ID.
• Convert raw telemetry into Executive Identity Risk Scorecards.
• Articulate "Choke Point Saturation" and "Attack Path Depth," proving to Agency CISOs that an adversary can achieve Full Domain Takeover in an average of 3\.2 hops.
• Own and deliver executive readouts/whiteboard sessions to translate graph\-theory findings into business impact, time\-to\-fix, and outcome\-based roadmaps with clear owners and due dates.
• Identify the Shadow Admins and unmanaged GPOs that must be remediated before IAM/PAM tools can be effectively deployed and map each finding to specific identity control objectives and preconditions for IAM/PAM efficacy.
• Identify specific Choke Points that represent 80% of a client's risk (e.g., GPO links, Service Account rotation, and Tiered Admin restrictions).
• Lead hands\-on proofs\-of\-remediation for the top choke points and measure impact before scale\-out.
• Map identified risks to specific hardening or maturity services and OEM solution pathways (Ping Identity, Aembit, Zscaler, Delinea, Hydden).
• Sequence work to minimize operational disruption and define “no\-regrets” controls and fast\-path wins.
• Utilize tools like Hydden to identify the risks of orphaned service principals, Automated Service Accounts, and Shadow AI agents that create unmonitored backdoors into critical workloads.
• Recommend lifecycle controls, least\-privilege scopes, and continuous discovery for NHIs across clouds and platforms.
• Move clients from static, password\-based security to a context\-aware Zero Trust architecture, ensuring "Least Privilege" is enforced by technical control, not just policy.
• Analyze the structural integrity of the bridge between on\-prem AD and Entra ID, identifying high\-risk configurations such as identifying the compromise of an on\-prem helpdesk account can lead to a total takeover of the M365/Azure tenant.
• Convert technical debt into actionable demand for our high margin Hardening \& Maturity Services.
• Move clients from
"Reactive" (D\+) to "Optimized" (A) postures.
• Document runbooks and operating\-level agreements that sustain gains post\-engagement.
• Build and maintain reusable discovery and hardening automation (PowerShell, Microsoft Graph API, KQL, Neo4j/Cypher, Terraform/Policy\-as\-Code) and steward a Git\-based pattern library/playbooks for repeatable execution.
• Define, track, and report identity resilience KPIs/OKRs (e.g., Mean Attack Path Length, Shadow Admin density, Credential Exposure rate, CA policy coverage) and establish a leadership inspection cadence.
• Support mentorship of pod engineers to develop identity security expertise, operational judgment, and technical ownership.
• Coordinate with SOC, IR, Cloud Platform, and Enterprise Architecture to sequence changes safely and ensure durable ownership.
• Ensure alignment to U.S. Public Sector requirements (e.g., NIST SP 800\-53 controls, CISA directives/BODs, agency\-specific ATO conditions) and produce evidence artifacts to support audits and accreditations.

Other Duties

• Perform all other duties, as assigned.

Qualifications:

Minimum Requirements:

• Bachelor’s Degree in an IT\-related field or equivalent work experience, required.
• 12\-15 years of progressive experience in Cyber consulting.
• 5\+ years leading hands\-on identity modernization engagements.
• Proven experience leading automation architecture for high\-volume, factory\-style transformations (hundreds to thousands of workloads).
• Demonstrated experience and ownership of reusable automation assets and playbooks (version\-controlled, peer\-reviewed).
• Hands\-on experience operating in hybrid environments spanning on\-prem virtualization, Kubernetes/OpenShift platforms, and public cloud services.
• Deep, practical experience with Microsoft identity/security stack: Entra ID Protection, Conditional Access, PIM, Entra ID Governance, Defender for Identity, Microsoft Sentinel (SIEM), and Microsoft 365 Defender.
• Experience in U.S. Public Sector environments and frameworks (NIST SP 800\-207/800\-53, FedRAMP, CMMC) is highly desirable.

Knowledge / Skills / Abilities (KSAs):

• Deep proficiency with Active Directory (on\-prem) and Entra ID (Cloud). Understanding of and/or ability to learn proficient use of BloodHound, PingCastle, and Purple Knight is mandatory
• Hands\-on proficiency with Microsoft Defender for Identity, Entra Permissions Management (CIEM), Microsoft Sentinel, and Microsoft 365 Defender.
• Fluency in PowerShell, KQL, Python, and Neo4j/Cypher for data\-driven analysis and automation.
• Deep understanding of NIST 800\-207 and the technical requirements for implementing a Zero Trust identity perimeter.
• Ability to translate Zero Trust principles into enforceable controls (Conditional Access patterns, PIM guardrails, device trust, continuous evaluation).
• Ability to see an environment through the eyes of an attacker such as nodes, edges, and "Pass\-the\-Hash" opportunities where others see "Users and Groups"
• Ability to write and interpret complex Cypher and KQL to quantify attack paths, choke points, and control efficacy; familiarity with MITRE ATT\&CK and threat modeling (e.g., STRIDE).
• Ability to translate a complex graph\-theory finding into a compelling business case for identity modernization.
• Skilled at building decision\-ready artifacts (scorecards, roadmaps, architecture decision records) that drive action.
• Exceptional written and verbal communication skills, with the ability to translate complex automation concepts into executive\-level and non\-technical narratives.
• A mindset oriented toward product thinking – treating automation as a long\-lived platform rather than a one\-time migration tool with strong DevOps hygiene (Git, PRs, CI) and change management discipline to ensure safe rollout at scale.

Company Overview:

*As a federal government contractor and a recipient of federal funding, Mythics and Emergent is required to abide by the Drug\-Free Workplace Act, which requires Mythics and Emergent to provide a drug\-free workplace, among other obligations. As part of this effort, Mythics and Emergent requires pre\-employment drug tests for all candidates for employment. Please note that marijuana (including medical marijuana) is designated as a controlled substance under federal law and will be screened for in the drug test.*

Emergent, a subsidiary of Mythics, LLC, is an award\-winning IT solutions provider and value\-added reseller based in Virginia Beach, Virginia. Since 2006, Emergent has specialized in solving complex challenges and delivered best\-of\-class technology solutions to operations in all levels of government, education, and commercial organizations worldwide. At Emergent, we are looking for motivated people with the expertise and insight to tackle the toughest client issues.Why Work at Emergent?

• -------------------------

Because at Emergent, YOU count! At Emergent, our Corporate Values are at the foundation of everything we do. Our values, Respect – Empathy – Excellence – Fun (REEF), have created an environment that fosters creative thinking, respects your contributions, and accepts nothing less than excellence in serving our customers. At Emergent, you will experience a truly enjoyable corporate culture.

Enjoy Tailored Benefits to Suit Your Needs with our Flexible Options. Our benefit options include:

• Comprehensive Health, Dental, and Vision plans
• Premier 401k retirement plan with corporate matching and a 529 college saving plan
• Tax\-advantaged Health Savings Account and Dependent Care Flexible Spending Account options
• Legal Resources

Unlock Exclusive Benefits for Full\-Time Employees:

• Generous work/life balance opportunities supported by a PTO bank, paid holidays, leave programs and additional flex time off
• Employee referral program
• Employee recognition, gift and reward program
• Tuition reimbursement for continuing education
• Remote or hybrid work options
• Engaging company events such as team building activities, annual awards and kick\-off parties
• Health and wellness\-focused activities
• Relaxation Spaces
• In\-office gourmet coffee, tea, fresh fruit and healthy snacks
• Corporate GREEN approach – tracking energy consumption for reduction and purchasing only environmentally friendly products for our offices

Emergent, LLC is an equal opportunity employer. In accordance with applicable federal, state, and/or local law, all qualified applicants will receive consideration regardless of race, color, religion, national origin, sex, disability, sexual orientation, gender identity, age, marital status, medical condition, veteran status, or other factors protected by law. We offer equal opportunity in compensation, advancement opportunities, and all other terms and conditions of employment. As a federal government contractor, Emergent has developed and maintains a written Affirmative Action Program relating to individuals with disabilities and protected veterans, which sets forth the policies, practices and procedures to which the Company is committed in order to ensure that its policy of nondiscrimination and affirmative action for qualified individuals with disabilities and protected veterans is followed. For those unable to complete an online application, alternative methods are available by contacting accommodationrequests@mythics.com. For more information about Federal laws prohibiting job discrimination, please read Know Your Rights.