| Title: | Zero Trust Security Architect |
|---|---|
| ID: | 4271 |
| Location: | APG |
| Clearance: | SECRET |
Netorian LLC has an immediate opening for a Zero Trust Security Architect with extensive experience in Elastic Technologies tools and experience with Tactical Public Key Infrastructures. This position is for a Tactical Network Cyber Security Engineer. The engineer will be responsible for the design, documentation, integration, and automation of the tactical zero-trust security infrastructure. This role requires a deep understanding of security protocols, vulnerability management, network security, and identity management, with a focus on achieving a comprehensive zero-trust framework.
Key Responsibilities:
Elastic Engineer:
- Act as a supporting engineer on the Elastic team integrating Elasticsearch, Kibana, Logstash, Endgame, and the Elastic Agent software with custom Ansible provisioning.
- Create scripts and templates supporting custom Elastic integrations including Logstash pipelines, beat inputs, ingest pipelines, indexes, data streams, and various visualizations. Familiarity with EQL, KQL, Painless, or Grok is a plus.
- Act as a supporting engineer on the Army DevOps team using an Ubuntu agent and Python scripts to connect to the Azure DevOps (ADO) environment.
- Elastic support also includes STIG automation on Oracle Linux using Bash scripts as well as customer support via Teams.
Public Key Infrastructure (TPKI):
- Act as an engineer on the TPKI team supporting production Microsoft Certificate Authorities, Active Directory, and OCSP Responder Services.
- Support continued maintenance of the existing root certificate chain including server rebuild and maintenance, customer support, and certificate and CRL Issuance.
- Design and implement a new certificate root chain utilizing Information Security Corporation CertAgent software.
Zero Trust Architecture Design:
- Develop, implement, and maintain a zero-trust architecture across the organization’s entire IT environment, ensuring that all systems adhere to the "never trust, always verify" security philosophy.
- Security Integration:
  Reconfigure and integrate multiple security technologies and platforms to ensure seamless communication and compatibility, including:
  - ACAS (Network Vulnerability Scanner)
  - Active Directory (Centralized Identity Provider)
  - Cisco ASA & Palo Alto/Panorama (Network Firewall and IPS)
  - Elastic (Network SIEM)
  - Endgame (Endpoint Detection and Response)
  - Cisco ISE (Radius and TACACS Server)
  - MECM (Endpoint Management and Patching)
  - Microsoft Defender (Windows Firewall and Anti-Virus)
  - Privileged Access Workstation (PAW) (Dedicated Windows Platform for JIT Admin Management)
  - Tactical PKI (Dedicated Windows Platform for JIT Admin Management)
  - MFA (User Tokens for multi-factor authentication)
- Identity and Access Management (IAM):
  Ensure secure authentication and authorization mechanisms through centralized identity providers like Active Directory and Cisco ISE, and implement role-based access control (RBAC) aligned with Zero Trust principles.
- Endpoint Protection and Management:
  Oversee the integration of endpoint detection and response (EDR) systems like Endgame, anti-virus tools like Microsoft Defender, and patch management through MECM to ensure endpoint security and compliance with Zero Trust policies.
- Network Security Optimization:
  Design and configure network firewalls and intrusion prevention systems (IPS) such as Cisco ASA and Palo Alto to limit lateral movement within the network and integrate them with a SIEM system like Elastic for real-time threat detection and response.
- Privileged Access Management:
  Manage and secure privileged access using Privileged Access Workstations (PAW) and Tactical PKI platforms to ensure Just-In-Time (JIT) administrative access is enforced across critical systems.
- Security Monitoring and Incident Response:
  Leverage the Elastic SIEM platform to monitor network activity and incidents, and work with the security team to respond to threats in real time. Ensure that threat detection, response, and reporting adhere to Zero Trust standards.
- This position also involves support for the Elastic team, including working within the Azure DevOps environment, using Ansible, Bash, and Python to automatically deploy changes to the Elastic baseline. Elastic support also includes STIG automation on Oracle Linux using Bash scripts as well as customer support via Teams.
Qualifications:
- Proven experience in designing and implementing Zero Trust architecture.
- In-depth knowledge of security tools and platforms including ACAS, Elastic SIEM, Cisco ASA, Palo Alto, Endgame, MFA, Active Directory, MECM, and Microsoft Defender.
- Experience working with privileged access management tools and Just-In-Time (JIT) admin management, including Privileged Access Workstations (PAW) and Tactical PKI solutions.
- Strong understanding of network security, endpoint protection, identity and access management (IAM), and multi-factor authentication (MFA).
- Experience in network vulnerability scanning, patch management, and endpoint detection and response (EDR).
- Expertise in integrating and automating security platforms to create cohesive security ecosystems.
- Familiarity with network firewalls and intrusion prevention systems (IPS) such as Cisco ASA and Palo Alto.
- Strong problem-solving and troubleshooting skills.
- Excellent communication skills with the ability to convey complex security concepts to both technical and non-technical stakeholders.
- Relevant certifications such as CISSP, CISM, or equivalent are a plus.
WHY WORK FOR NETORIAN?
Netorian provides uniquely talented, mission-focused professionals to a worldwide customer base and a variety of project management, program analysis, and solution development services for the Department of Defense, Federal Government agencies, and the State of Maryland. We are an Equal Opportunity Employer.
Joining our team gives you immediate access to our benefits package, which includes:
Healthcare
Our comprehensive health care plan includes medical, dental, vision, and prescription coverage. The plan features additional conveniences such as tele-health (virtual visits), tele-behavioral health, programs to manage lifestyle health, and a mobile app. Eligibility begins on Day 1 of employment.
Life and Disability Insurance
We provide, and fully pay for, short and long-term disability income benefits, life insurance up to $250,000, and accidental death and dismemberment insurance.
Retirement Plan
Our retirement plan offers a Traditional 401(k) option, a Roth 401(k) option, and a company match. Our retirement plan also includes a carefully curated selection of investment options and the services of a dedicated Financial Advisor.
Paid Time Off and Holidays
Full-time employees are paid for the 11 federal holidays and receive 15 days of paid time off (PTO) per year. All unused PTO carries over each year. Use it or save it!
Our benefits package also includes:
- Competitive Compensation
- Referral Bonuses
- Education Assistance
- Merit Bonuses
For more information about Netorian, please visit our website at www.netorian.com.