Zero Trust Architect
Cambridge International Systems Inc - Arlington, VA
Apply NowJob Description
When you join the Cambridge team, you are part of a skilled and talented global community that is united by a set of core values: commitment, integrity, and perseverance. Join our team and help us confront today's most threatening and complex obstacles!Cambridge International Systems, Inc. has a full-time Zero Trust Architect opportunity available based in Kaiserslautern, Germany (Patch Barracks). Qualified candidates for this job must possess a current DoD Secret security clearance and be eligible for DoD Top Secret clearance, NATO Indoctrination, and meet TESA accreditation requirements. ***TESA Certification allows employees the to be tax exempt for both Germany and US, in addition to other great perks***Employees may be eligible for: relocation reimbursement, housing allowance, COLA and school reimbursement for dependents.ROLE RESPONSIBILTIESZero Trust Architecture Design:Lead the design and implementation of a Zero Trust security architecture for the organization.Develop and implement strategies to ensure the least privilege access, micro-segmentation, and continuous monitoring of network traffic.Collaborate with cross-functional teams to integrate Zero Trust principles into existing and new systems.Identity and Access Management:Implement strong authentication and authorization mechanisms to verify user identities and ensure secure access.Design and implement role-based access controls (RBAC) and implement identity and access management (IAM) solutions.Monitor and audit user access to identify and mitigate potential security work Security:Implement network segmentation and micro-segmentation strategies to limit lateral movement.Design and deploy secure communication channels, including encryption and VPN solutions.Collaborate with network engineers to ensure secure configuration and monitoring of network devices.Endpoint Security:Design and implement endpoint protection strategies, including device posture assessment and continuous monitoring.Implement application control and device authentication measures.Work with IT teams to ensure security configurations on endpoints align with Zero Trust principles.Security Monitoring and Incident Response:Implement continuous monitoring solutions to detect and respond to security incidents.Develop and document incident response plans for Zero Trust environments.Conduct regular security assessments and penetration testing.REQUIRED QUALIFICATIONSBA/BS + 5 years recent specialized or AA/AS +7 years recent specialized or a major cert + 9 years recent specialized or 11 years of recent specialized experienceDOD 8570 IAT 2 compliance.Proven experience as a Zero Trust Architect or in a similar cybersecurity -depth knowledge of cybersecurity principles, protocols, and best practices.Experience with identity and access management solutions, network security, and endpoint protection.Familiarity with cybersecurity frameworks, compliance standards, and regulations.Strong problem-solving and analytical skills.Relevant certifications such as Certified Information Systems Security Professional (CISSP) or Certified Zero Trust Architect (CZTA) are a plus.Extensive experience supporting Microsoft Azure and Microsoft 365Experience in systems infrastructure design, support, and administrationExperience working with Microsoft Azure and Microsoft 365 in a hybrid environment.Azure AD, storage, and compute including Application Proxy (NDES), Storage Account, Virtual Machines, Virtual Desktop, Backup, Automation, and FunctionsAzure identity management including SSO (SAML), OAuth, MFA, RBAC, PIM, conditional access, monitoring / alerting, device registration, identity protection, and hybrid identity management / AD connect.Azure networking including ExpressRoute, VNet, Virtual WAN, VPN, NSG, Load Balancer, BGP, routing, and firewall concepts (Palo Alto, etc.)Experience collaborating with technical teams of diverse IT related skill sets.IAT-III Level Certification (CISSP, CASP+ CISM, etc)Microsoft Certified Azure Administrator Associate or Developer AssociateMust be proficient in using different technologies such as computers and other tools and systems pertinent to the position.Must possess an active DoD TS/SCI security clearance.TRAVEL REQUIREMENTSActive rare occasions, overnight travel may be required.PHYSICAL ENVIRONMENT AND WORKING CONDITIONSCambridge International Systems complies with Temporary Duty Station (TDY)/Outside Continental United States (OCONUS) vaccination requirements. If this position requires OCONUS travel (listed above),
Created: 2024-10-02