Leidos is seeking an Zero Trust Engineer / Architect to support large-scale migration and operations on a large, high-profile DOD contract in Fort Belvoir, VA. The I3TS program provides enterprise-wide IT support to enable DTRA’s Information Management & Technology Directorate (ITD) to consolidate, modernize, and continuously innovate the delivery of IT services and mission capabilities to DTRA’s internal and external mission partners operating in CONUS and OCONUS locations.

The  Zero Trust Engineer / Architect wil l be responsible for the functional and technical design of  Zero Trust (ZT) and DevSecOps solutions within the DTRA ITD I3TS portfolio, including leading the technical design of solution components and developing system and technical requirements in support of customer-facing capabilities in a Data-Driven, AI ready, hybrid cloud-based environment. As a I3TS team member, you will work as part of a fast paced, Agile team to create solution designs as well as develop and manage requirements across multiple DTRA ITD modernization and integration efforts. The ideal candidate will be abreast of the DoD/DISA/CISA Zero Trust (ZT) requirements to guide the government agency on the best practice deployment as well as support configuration of zero trust tools in their environment. The candidate will have superior attention to detail and excellent organizational skills, as well as the ability to meet deadlines and work in a highly collaborative work environment. You will possess the ability to complete complex tasks and projects, conduct research as needed, react with appropriate urgency to situations that require a quick turnaround, and take effective action without having to know the total picture. 

The Systems Engineer / Architect will be responsible for working with a team to ensure successful completion of testing and verification of new capabilities prior to deployment. To accomplish these goals, the successful candidate will demonstrate strong deductive reasoning, attention to detail, persistence, patience, and creativity. 

Primary Responsibilities:

• Work with team to analyze the client’s current network architecture in conjunction with ZT assessment findings to recommend future-state network architecture design for the government agency 

• Assist with research and proof of concept efforts to determine where additional technologies may be necessary to achieve the desired level of zero trust 

• Work with requirements team to develop requirements, use cases, and technical documentation to support the zero trust transformation for the agency deployment 

• Interface with the client and work with a team of 3-5 practitioners in conducting assessments and executing follow on actions 

• Assist with Identification of system security requirements for external and internal facing web applications, networks, operating systems, and cloud environments 

• Ensure the secure design, architecture, installation, configuration, hardening, and remediation for software applications to protect the bureau’s sensitive information 

• Review, analyze and design zero trust products and security configurations 

• Work with engineering team to perform deployment and configuration of zero trust broker tools with other security tools, including identity management, Security Information and Event Management (SIEM), and EDR tools and or access to the internet and private applications 

• Develop ongoing operations and maintenance plan for the zero trust tools, including providing patching and end-user support with engineering team to provide ongoing maintenance 

• Collaborate with SIEM engineers to ensure logs are onboarding and maintained in the SIEM tool 

• Provide support for ongoing SIEM tuning and use case development 

• Provide ongoing advisory support to bureau leadership on responses to new network requirements and regulatory mandates (such as executive orders, emergency directives, binding operational directives, and data calls from governance and oversight bodies) 

• Assist with design, integrate and configure cyber security and network monitoring tools 

• Develop strategies to respond to and recover from a security breach with zero trust team 

• Advocate for technology insertion, that improves current inefficiencies 

• Support clients with data protection and overarching cloud capabilities 

• Implement core and cloud infrastructure security to manage risks and exposure

• Perform cyber reconnaissance to illuminate a potential attack surface area 

• Provide threat and vulnerability management to federal clients and teams 

• Analyze tactical network architectures and topologies to assess security risks 

Basic Qualifications:

• Masters degree from an accredited college in a related discipline, or equivalent experience/combined education, with 15 - 20 years of professional experience; or Doctorate with 13 – 16 years of prior relevant experience. Specific experience, education and training may be considered in lieu of degree.

• Security+ certification or equivalent DoD 8570 IAT II certification within 14 days of start date. 

• Must possess a DoD Top Secret clearance prior to your start date.

• Experience leading solution design and architecture development for a complex Zero Trust and DevSecOps approaches in a rapidly evolving system architecture. 

• Experience with the design, develop, and delivery of data driven operations capabilities, in a DoD environment. 

• Experience with enterprise cloud systems and solutions across aero trust pillars 

• Knowledge of ZT based Identity, Credential, and Access Management (ICAM) solutions 

• Understanding of modern network infrastructure capabilities (i.e., Secure Access Service Edge (SASE), Software-Defined Wide Area Networks (SD-WAN), Software-Defined Perimeter (SDP), Software-Defined Networks (SDN), etc.) 

• Experience working with/in SOCs and/or NOSCs 

• Experience with cyber threat indicators and prioritizing cyber threats 

• Familiarity with federal government environments, standards, and architectures 

• Experience in U.S. security requirements related to regulations or standards, including NIST SP 800-171, 800-53, RMF, ISO 27001, Trusted Internet Connection (TIC) 3.0, and SOX 

• Working knowledge of zero trust principles, frameworks, and implementation strategies 

• Experience working with a highly technical team and in a dynamic, fast-paced environment 

• Experience with project management and configuration management tools such as JIRA, Xray, Confluence and Git. 

• Strong written and verbal communication skills are required to collaborate with customer representatives, domain experts, systems engineers, and architects. 

• Prioritizing work to meet fixed deadlines. 

• Ability to travel periodically, as needed. 

• Experience working and collaborating in a cross-discipline team with technical and non-technical stakeholders. 

​

Preferred Qualifications:

• Experience with infrastructure automation tools (e.g., Ansible, Chef, Puppet) 

• Experience with large-scale systems integration projects and managing cross-functional teams 

• Familiarity with Public Key Infrastructure (PKI) and certificate lifecycle management across both Windows and Linux platforms 

• Knowledge of cloud technologies, virtualization, and hybrid-cloud integration 

• Experience in troubleshooting complex system integration issues across multi-platform environments 

• Understanding of system security protocols and how to ensure secure integrations during project deployments 

• Experience with DevOps/DevSecOps, Configuration as Code, Infrastructure as Code, and CI/CD implementation and practices  

• Experience or Interest in building AI capabilities for Operations. 

• Familiarity with Agile methodologies, and tools.  

• Understanding of network routing devices and network device configurations. 

• Understanding of ITIL foundation or ITIL certified.