Lead Zero Trust Engineer

23 Jan 2025

Vacancy expired!

Introduction:

Tyto is seeking a Lead Zero Trust Engineer that drives the implementation of a Zero Trust Architecture with data security controls, including enhanced detection capabilities and improved event analysis, in large enterprises. You will also review, analyze, and architect Zero Trust security configurations, designs, and solutions. In this role, you will drive the Zero Trust security for the modernization of the Army classified network infrastructure at multiple CONUS/OCONUS locations to provide improved end user connectivity capabilities. Our Lead Zero Trust Engineer will apply threat modeling techniques for developing custom-tailored Zero-Trust controls that apply to secure design and architecture methodologies for network, data, and application deployments and work to infuse Zero Trust design principles across all pillars of a Zero Trust model. You will support enterprise-wide, end-to-end Zero Trust architecture projects involving cutting-edge technologies and concepts, including cloud technologies, enterprise identity, microservices, containers, encryption, tokenization, AI, ML, SIEM, SOAR, and threat modeling. You will help consult on Zero Trust security technologies, tools, and techniques and communicate the complexities of security with a wide variety of audiences, including senior management.

Responsibilities:
  • Analyze the client’s current network architecture in conjunction with ZT assessment findings to recommend future-state network architecture design for the government agency
  • Perform research and lead proof of concept efforts to determine where additional technologies may be necessary to achieve the desired level of zero trust
  • Analyze and develop requirements, use cases, and technical documentation to support the zero trust transformation for the agency deployment
  • Interface with the client and work with a team of 3-5 practitioners in conducting assessments and executing follow-on actions
  • Identify system security requirements for external and internal facing web applications, networks, operating systems, and cloud environments
  • Ensure the secure design, architecture, installation, configuration, hardening, and remediation of software applications
  • Review, analyze and design zero trust products and security configurations
  • Deploy and configure zero trust broker tools with other security tools, including identity management, Security Information and Event Management (SIEM), and EDR tools
  • Design, integrate and configure cyber security and network monitoring tools
  • Support clients with data protection and overarching cloud capabilities
  • Implement core and cloud infrastructure security to manage risks and exposure
  • Analyze tactical network architectures and topologies to assess security risks

Qualifications:
  • Bachelor's degree and 8+ years of experience with enterprise security architecture, including designing, building, and maintaining enterprise IT systems
  • Experience defining security requirements, security assessments and security recommendations using industry standards as reference models
  • Hands-on experience with common enterprise-wide network security and SIEM technologies or tools such as Zscaler, CrowdStrike, Forescout, Palo Alto Networks, and Splunk
  • Experience with enterprise cloud systems and solutions across zero trust pillars
  • Knowledge of ZT based Identity, Credential, and Access Management (ICAM) solutions
  • Understanding of modern network infrastructure capabilities (e.g., Secure Access Service Edge (SASE), Software-Defined Wide Area Networks (SD-WAN), Software-Defined Perimeter (SDP), Software-Defined Networks (SDN))
  • Experience with cyber threat indicators and prioritizing cyber threats
  • Familiarity with DoD environments, standards, and architectures
  • Knowledge of U.S. Government security regulations and standards including NIST SP 800-171, 800-53, RMF, ISO 27001, Trusted Internet Connection (TIC) 3.0, and SOX
  • Working knowledge of zero trust principles, frameworks, and implementation strategies
  • Knowledge of end-to-end product or solution sets to implement Zero Trust
  • Ability to write and maintain technical documentation, including reference architectures and implementation plans
  • CISSP or Cloud+ certification

Preferred Qualifications:
  • Forrester Zero Trust Strategy certification
  • DoD 8570 IAT Level III qualifications: https://public.cyber.mil/cw/cwmp/dod-approved-8570-baseline-certifications/

Security Clearance Required:
  • Active DoD Secret clearance with Top Secret eligibility

Travel Required:
  • Yes, 25-50% of the time

Potential for Telework:
  • Yes, 50% of the time

Equal Opportunity Employer: Disability/Veteran

About Tyto Athene

Tyto is an IT services and solutions company that provides mission-focused digital transformation to enhance the client experience and enable them to achieve desired outcomes. Tyto's services and solutions embody its domain expertise in four major Technology domains: Network Modernization, Hybrid Cloud, Cyber Security, and Enterprise IT. Tyto offers a broad range of service delivery models including design/install projects, Managed Services, and 'As-a-Service'. With over fifty years of experience, Tyto supports Defense, Intelligence, Space, National Security, Civilian, Health and Public Safety clients across the United States and around the globe.