ZERO TRUST SYSTEMS ENGINEER TECHNICAL SME (DEVICES) jobs in United States
cer-icon
Apply on Employer Site
company-logo

Zermount, Inc. · 2 days ago

ZERO TRUST SYSTEMS ENGINEER TECHNICAL SME (DEVICES)

positionUnited States
timeFull-time
remoteRemote
senioritySenior Level
date7+ years exp

Zermount Inc. is seeking a Zero Trust Systems Engineer Technical SME to assist in providing security for federal clients. The role involves designing, implementing, and maintaining Zero Trust architectures, with a focus on applications and workloads, while ensuring compliance with federal requirements.

Cyber SecurityInformation TechnologyNetwork Security
badNo H1BnoteSecurity Clearance RequirednoteU.S. Citizen Onlynote

Responsibilities

Assess, design, and implement Zero Trust architectures for agency systems, computer programs, and services that execute on-premises, on mobile devices, and in cloud environments
Collaborate with cross-functional teams to integrate Zero Trust principles into the design, development, and deployment of applications and workloads
Conduct regular security assessments, vulnerability scans, and penetration testing for enterprise and system specific devices to identify and mitigate risks
Monitor and respond to security incidents related to applications and workloads, performing root cause analysis, and implementing corrective actions
Develop and enforce security policies, standards, and procedures specific to applications and workloads in alignment with industry best practices and regulatory requirements
Stay updated on emerging threats, vulnerabilities, and security technologies relevant to applications and workloads, and apply them to enhance security posture
Provide technical guidance and mentorship to junior team members in the areas of Zero Trust for applications and workloads

Qualification

Zero Trust ArchitectureCybersecurity ComplianceNIST GuidelinesSecurity Assessment ToolsPolicy EnforcementAsset Risk ManagementThreat ProtectionVisibilityAutomationOrchestrationGovernance CapabilityTechnical CommunicationProfessionalismPatienceTactTeam CollaborationProblem Solving

Required

A minimum of 10 years of IT cybersecurity experience including direct support for the US Government and 7 years acting as an ISSO, assessor, or compliance analyst for enterprise IT systems OR a relevant Bachelor's Degree in IT, Computer Science, or Engineering and 7 years of IT cybersecurity experience including direct support for all US Government and 5 years acting as an ISSO, assessor, or compliance analyst
Knowledge of NIST guidelines and FISM Cybersecurity compliance requirements
Technical knowledge of complex enterprise IT systems
Knowledge and experience using relevant cybersecurity and analysis tools such as Archer, Nessus Security Center, Splunk, etc
Experience communicating effectively, both oral and written, with technical, non-technical, and executive-level customers
Knowledge of EO 14028, OMB M 22-09, Federal, DoD, and CISA Zero Trust Architecture, Maturity Model, and Technical Reference Architectures
Excellent communication, collaboration, and problem-solving skills
Ability to work independently and as part of a team
Ability to navigate complex and politically sensitive client environments with professionalism, patience, and tact
Demonstrated ability to effectively engage and manage relationships with highly political clients while maintaining a professional demeanor, exhibiting patience, and navigating sensitive situations with tact
Proven Experience in Policy Enforcement: With a track record of success, the candidate has effectively assisted agencies or organizations in achieving policy enforcement goals. They have utilized automated methods to manage devices and virtual assets, ensuring compliance throughout their lifecycle. This includes approving software, identifying vulnerabilities, and applying necessary patches. The candidate has demonstrated expertise in integrating device, software, configuration, and vulnerability management across all environments, including virtual assets
Proven Experience in Asset & Supply Chain Risk Management: The candidate has a proven history of helping agencies or organizations achieve effective asset and supply chain risk management. They have maintained a comprehensive and near-real-time view of assets across vendors and service providers. Their expertise lies in automating supply chain risk management processes, building resilient operations that can withstand supply chain failures, and incorporating industry best practices
Proven Experience in Resource Access: The candidate has a track record of assisting agencies or organizations in prioritizing resource access based on verified insights into the characteristics of devices or virtual assets used to access resources. They have leveraged real-time risk analytics to make informed decisions regarding resource access, contributing to successful outcomes
Proven Experience in Device Threat Protection: With proven expertise, the candidate has assisted agencies or organizations in implementing centralized threat protection security solutions with advanced capabilities for devices and virtual assets. They have played a key role in adopting a unified approach for device threat protection, policy enforcement, and compliance monitoring, leading to enhanced security
Proven Experience in Visibility and Analytics Capability: The candidate has demonstrated their ability to help agencies or organizations achieve visibility and analytics capability. They have successfully automated the collection of status information for all network-connected devices and virtual assets, correlating device information with identities, conducting endpoint monitoring, and performing anomaly detection. Their contributions have facilitated resource access decisions and enabled effective tracking and analysis of anomalies
Proven Experience in Automation and Orchestration Capability: With a proven track record, the candidate has assisted agencies or organizations in developing and implementing fully automated processes for provisioning, registering, monitoring, isolating, remediating, and de-provisioning devices and virtual assets. Their expertise in automation and orchestration has contributed to streamlined operations and improved efficiency
Proven Experience in Governance Capability: The candidate has helped agencies or organizations achieve governance capability by successfully automating policies that govern the lifecycle of all network-connected devices and virtual assets across the enterprise. Their proven expertise in governance has ensured consistent and effective management practices
Minimum of a Bachelor's Degree in one of the following: Information Technology (IT), computer engineering, computer science, cyber security, or a related field. Relevant years of experience may be used in substitution for situations where the candidate does not have a Bachelor's degree in the required field
At least one of the following security certifications: Certified Authorization Professional (CAP); Certified Information Systems Security Officer (CISSO); Certified Information Security Manager (CISM); or Certified Information Systems Security Professional (CISSP)
Minimum of an active Secret Clearance

Company

Zermount, Inc.

twittertwittertwitter
company-logo
Zermount, Inc., a Certified SDVOSB, was founded by Terry Butler a proven leader and Cybersecurity/Information Technology (IT) professional with over15 years’ experience supporting the Federal Government and commercial clients.
dateFounded in 2013
location
Arlington, Virginia, USA
people-size51-200 employees
web-link
https://www.zermount.com

Funding

Current Stage
Growth Stage

Leadership Team

leader-logo
Terry Butler
CEO
linkedin
Company data provided by crunchbase