CACI International
Cybersecurity Architect - Zero Trust
CACI International, Chantilly, Virginia, United States, 22021
Cybersecurity Architect - Zero Trust
Job Category: Engineering
Time Type: Full time
Minimum Clearance Required to Start: TS/SCI with Polygraph
Employee Type: Regular
Percentage of Travel Required: Up to 10%
Type of Travel: Continental US
The Opportunity:
Join our team as a Senior System Engineer in Data Security, supporting our prestigious engineering client. In this role, you'll leverage your expertise to define and enforce data retention policies aligned with government regulations, ensuring data availability and compliance with Zero Trust security measures. Your knowledge of strong authentication methods, including multi-factor authentication (MFA), biometric authentication, and smart card authentication, will be crucial for robust identity verification.
As a proficient user of automation tools such as Linux scripting, Python, and PowerShell, you'll build and deploy infrastructure efficiently. Your skills in managing and operating Privilege Access Management (PAM) software will be highly valued.
Be part of a dynamic department with an expanding range of programs focused on Cyber Operations. You'll have the opportunity to grow within and across programs, working alongside dedicated peers who are committed to advancing national security. We offer paid cyber events and training, including Capture the Flag events, Internal Research and Development opportunities, and prepaid courses for nationally recognized certifications to boost your career. Learn more about our program by visiting VORPAL Jobs (https://careers.caci.com/vorpal) .
Responsibilities:
• Design, engineer, and implement complex data protection solutions beyond data encryption
• Provide expert guidance on Identity and Access Management (IAM) principles and standard methodologies
• Lead the development and implementation of Zero Trust data protection strategies, including encryption, tokenization, and data masking techniques
• Design and manage identity-centric access controls, defining granular permissions and enforcing least privilege access to government data
• Implement and manage encryption methodologies for data at rest, in transit, and during processing
• Deploy and oversee security monitoring tools and analytic platforms to identify anomalous behavior, potential threats, and vulnerabilities within government data systems
Qualifications:
Required:
An active TS/SCI with Poly clearance
Deep-level understanding of Windows Active Directory and the ability to configure/edit Windows Active Directory and Domain Services
Expertise implementing system logging to include network device, Windows, and Linux logging
Ability to manage and use secrets management tools such as Ansible secrets vault, Hashicorp Vault or equivalent
Adept at configuring Linux servers for both local user authentication with varying levels of root privileges and also joining Linux servers to a domain and configuring the correct least privilege permissions needed for the environment
Ability to manage and design a multi-factor authentication (MFA) environment for both domain joined and stand-alone machines using Yubikey, RSA tokens, or equivalent
Expertise managing network segmentation and redirection utilizing iptables, nftables, Illumio, or equivalent solutions
Familiarity of Splunk and other Enterprise Vulnerability Scanning tools, including the ability to interpret and remediate findings
Desired:
Systems administration and IT certification in Linux, Microsoft, or other network related fields
Experience using VMWare and other virtualization technologies
Strong communication and presentation skills to convey complex technical concepts to both technical and non-technical customers
-
What You Can Expect:
A culture of integrity.
At CACI, we place character and innovation at the center of everything we do. As a valued team member, you’ll be part of a high-performing group dedicated to our customer’s missions and driven by a higher purpose – to ensure the safety of our nation.
An environment of trust.
CACI takes pride in fostering a diverse and accessible culture where every individual feels supported to chart their own path. You’ll have the autonomy to take the time you need through a unique flexible time off benefit and have access to robust learning resources to make your ambitions a reality.
A focus on continuous growth.
Together, we will advance our nation's most critical missions, build on our lengthy track record of business success, and find opportunities to break new ground — in your career and in our legacy.
Your potential is limitless. So is ours.
Learn more about CACI here. (https://careers.caci.com/global/en/life-at-caci)
Pay Range: There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications. Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. We offer competitive compensation, benefits and learning and development opportunities. Our broad and competitive mix of benefits options is designed to support and protect employees and their families. At CACI, you will receive comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits. Learn more here (https://careers.caci.com/global/en/employee-benefits) .
The proposed salary range for this position is:
$102,900 - $216,200
CACI is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, age, national origin, disability, status as a protected veteran, or any other protected characteristic.
Job Category: Engineering
Time Type: Full time
Minimum Clearance Required to Start: TS/SCI with Polygraph
Employee Type: Regular
Percentage of Travel Required: Up to 10%
Type of Travel: Continental US
The Opportunity:
Join our team as a Senior System Engineer in Data Security, supporting our prestigious engineering client. In this role, you'll leverage your expertise to define and enforce data retention policies aligned with government regulations, ensuring data availability and compliance with Zero Trust security measures. Your knowledge of strong authentication methods, including multi-factor authentication (MFA), biometric authentication, and smart card authentication, will be crucial for robust identity verification.
As a proficient user of automation tools such as Linux scripting, Python, and PowerShell, you'll build and deploy infrastructure efficiently. Your skills in managing and operating Privilege Access Management (PAM) software will be highly valued.
Be part of a dynamic department with an expanding range of programs focused on Cyber Operations. You'll have the opportunity to grow within and across programs, working alongside dedicated peers who are committed to advancing national security. We offer paid cyber events and training, including Capture the Flag events, Internal Research and Development opportunities, and prepaid courses for nationally recognized certifications to boost your career. Learn more about our program by visiting VORPAL Jobs (https://careers.caci.com/vorpal) .
Responsibilities:
• Design, engineer, and implement complex data protection solutions beyond data encryption
• Provide expert guidance on Identity and Access Management (IAM) principles and standard methodologies
• Lead the development and implementation of Zero Trust data protection strategies, including encryption, tokenization, and data masking techniques
• Design and manage identity-centric access controls, defining granular permissions and enforcing least privilege access to government data
• Implement and manage encryption methodologies for data at rest, in transit, and during processing
• Deploy and oversee security monitoring tools and analytic platforms to identify anomalous behavior, potential threats, and vulnerabilities within government data systems
Qualifications:
Required:
An active TS/SCI with Poly clearance
Deep-level understanding of Windows Active Directory and the ability to configure/edit Windows Active Directory and Domain Services
Expertise implementing system logging to include network device, Windows, and Linux logging
Ability to manage and use secrets management tools such as Ansible secrets vault, Hashicorp Vault or equivalent
Adept at configuring Linux servers for both local user authentication with varying levels of root privileges and also joining Linux servers to a domain and configuring the correct least privilege permissions needed for the environment
Ability to manage and design a multi-factor authentication (MFA) environment for both domain joined and stand-alone machines using Yubikey, RSA tokens, or equivalent
Expertise managing network segmentation and redirection utilizing iptables, nftables, Illumio, or equivalent solutions
Familiarity of Splunk and other Enterprise Vulnerability Scanning tools, including the ability to interpret and remediate findings
Desired:
Systems administration and IT certification in Linux, Microsoft, or other network related fields
Experience using VMWare and other virtualization technologies
Strong communication and presentation skills to convey complex technical concepts to both technical and non-technical customers
-
What You Can Expect:
A culture of integrity.
At CACI, we place character and innovation at the center of everything we do. As a valued team member, you’ll be part of a high-performing group dedicated to our customer’s missions and driven by a higher purpose – to ensure the safety of our nation.
An environment of trust.
CACI takes pride in fostering a diverse and accessible culture where every individual feels supported to chart their own path. You’ll have the autonomy to take the time you need through a unique flexible time off benefit and have access to robust learning resources to make your ambitions a reality.
A focus on continuous growth.
Together, we will advance our nation's most critical missions, build on our lengthy track record of business success, and find opportunities to break new ground — in your career and in our legacy.
Your potential is limitless. So is ours.
Learn more about CACI here. (https://careers.caci.com/global/en/life-at-caci)
Pay Range: There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications. Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. We offer competitive compensation, benefits and learning and development opportunities. Our broad and competitive mix of benefits options is designed to support and protect employees and their families. At CACI, you will receive comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits. Learn more here (https://careers.caci.com/global/en/employee-benefits) .
The proposed salary range for this position is:
$102,900 - $216,200
CACI is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, age, national origin, disability, status as a protected veteran, or any other protected characteristic.