Cybersecurity Architect - Linux & Zero Trust in Chantilly, VA at honor foundations

Date Posted: 10/14/2024

Job Snapshot

Job Description

Job Profile:

Cyber Engineering T4

JR Type:

Funded

Job Category:

Engineering

Minimum Clearance Required to Start:

TS/SCI with Polygraph

Percentage of Travel Required:

Up to 10%

Type of Travel:

Continental US

Program/Opportunity Name:

Program | Aquaman

Referral Bonus Plan:

$7,000

* * *

Job Description:

What You Will Get To Do:

You will be a highly skilled Senior System Engineer/Data Security supporting our engineering client.  You will lead and manage data security strategies, ensuring the implementation of robust Zero Trust principles within government data environments.  You will apply sound engineering practices, good judgement and technical skills to achieve both short and long-term goals as established by client management. You will provide support for the internal systems and networks used by the client to support mission.  You will focus on designing, engineering, and implementation of complex data protection beyond data encryption; and provide expert guidance on Identity and Access Management (IAM) principles and standard methodologies. You will lead the development and implementation of Zero Trust data protection strategies, including encryption, tokenization, and data masking techniques to secure sensitive data across networks; design and manage identity-centric access controls, defining granular permissions and enforcing least privilege access to government data, aligning with Zero Trust principles; implement and manage encryption methodologies for data at rest, in transit, and during processing, ensuring compliance and adherence to Zero Trust standards; implement and manage security monitoring tools and analytic platforms, leveraging data-centric insights to identify anomalous behavior, potential threats, and vulnerabilities within government data systems.

Be part of a department with an expanding range of programs focusing on Cyber Operations, where you get to grow on and between programs with peers who are dedicated to advancing national security. Participate in fun team outings and team building events where you get to engage with your co-workers and expand your career network. We are a fun, engaging environment with a management team focused on growing your career and making you a part of our future. We offer bonus compensation plans that demonstrate you being appreciated for working on the program and being a part of our team. You'll get paid for cyber events and training, such as our Capture the Flag Events, Internal Research and Development opportunities as well as prepaid courses to nationally recognized certification courses to grow your career. Learn more about our program by reviewing the landing page: VORPAL Jobs (caci.com) You’ll Bring These Qualifications:

  • An active TS/SCI with Poly clearance

  • Bachelor's degree in computer science, Engineering, Information Technology, or equivalent experience

  • 10+ years of demonstrated experience as a System Engineer/Data Security focusing on Zero Trust technology

  • Experience building and deploying infrastructure using Automation tools such as Linux scripting, Python and PowerShell

  • Expertise in defining and enforcing data retention policies aligned with government regulations, ensuring data availability and compliance with Zero Trust security measures

  • Knowledge of strong authentication methods such as multi-factor authentication (MFA), biometric authentication, and smart card authentication for robust identity verification

  • Extensive experience in implementing encryption solutions for data at rest, in transit and in use, leveraging cryptographic algorithms and key management aligned with Zero Trust principles

  • Proficiency in data security technologies, including encryption tools, access control mechanisms, and other data-centric security tools

  • Understanding of encryption in transit, function and design

  • Ability to create and manage TLS certificates both through Windows certificate services and the creation and management of self-signed certificates

  • Deep-level understanding of Windows Active Directory, as well as the ability to configure/edit Windows Active Directory and Domain Services

  • Ability to effectively use and manage Splunk to find vulnerabilities, security incidents, and understand how security rules are written across infrastructure

  • Expertise implementing system logging to include network device, Windows, and Linux logging

  • Effectively manage and operate Privilege Access Management (PAM) software

  • Ability to manage and use secrets management tools such as Ansible secrets vault, Hashicorp Vault or equivalent

  • Adept at configuring Linux servers for both local user authentication with varying levels of root privileges and also joining Linux servers to a domain and configuring the correct least privilege permissions needed for the environment

  • Ability to manage and design a multi-factor authentication (MFA) environment for both domain joined and stand-alone machines using Yubikey, RSA tokens, or equivalent

  • Expertise managing network segmentation and redirection utilizing iptables, nftables, Illumio, or equivalent solutions

  • Understanding of the difficulties involved in performing all tasks on-premises in a highly secure isolated network environment, prioritizing least privilege, network isolation, and following Zero Trust principles

  • Analyze customer requirements and provides solutions to a variety of technical problems of varying degrees of complexity

  • Familiarity of Enterprise Vulnerability Scanning tools, including the ability to interpret and remediate findings

  • Good communication and presentation skill to convey complex technical concepts to both technical and non-technical customers

These Skills Would Be Nice To Have:

  • Systems administration and IT certification in Linux, Microsoft, or other network related fields

  • Experience using VMWare and other virtualization technologies

What We Can Offer:

-

We’ve been named a Best Place to Work by the Washington Post.

- Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.

- We offer competitive benefits and learning and development opportunities.

- We are mission-oriented and ever vigilant in aligning our solutions with the nation’s highest priorities.

- For over 60 years, the principles of CACI’s unique, character-based culture have been the driving force behind our success.

Company Overview:

CACI is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, age, national origin, disability, status as a protected veteran, or any other protected characteristic. Pay Range: There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications. Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. We offer competitive compensation, benefits and learning and development opportunities. Our broad and competitive mix of benefits options is designed to support and protect employees and their families. At CACI, you will receive comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits. Learn more here.

The proposed salary range for this position is:

$102,900 - $216,200

',