Zero Trust SME

Job Description:

ASRC Federal is seeking an experienced Zero Trust SME in support of a large, complex government Zero Trust program. The SME will support and augment ongoing efforts to achieve, maintain, continuously improve, and integrate ZT operational capabilities and solutions across ZT pillars. The SME will also provide enhanced capabilities and integration of operational capabilities and services across ZT pillars to accelerate ZT maturity beyond its current rate, and achieve and maintain White House, OMB, and DHS ZT maturity goals over the next two years. 

The Zero Trust SME will have experience applying the principles of Zero Trust governance across the five pillars of Zero Trust. The ideal candidate will have previous Federal agency experience with data management, developing and securing CI/CD pipelines, implementing automated cybersecurity solutions and staying abreast of industry advancements, and knowledge of and experience with Zero Trust federal requirements and the DHS CISA Zero Trust Maturity Model. This position is REMOTE.

Requirements: 

• Bachelor’s degree in computer science, security engineering or related field.
• 10+ years of professional IT experience.
• 5+ years of software development experience.
• Experience implementing Zero Trust Architecture at a large federal agency.
• Must be a US Citizen able to obtain an agency-specific suitability / public trust clearance prior to starting.

Responsibilities:  

• Implementing Zero Trust requirements (all pillars) per executive orders/directives/policies/memorandums/etc. at an enterprise level.
• Implementing large enterprise-level projects/programs.
• Identifying critical needs, changes, and upgrades based on new network and security technologies or threats and developing solutions (i.e. Zero Trust).
• Planning, evaluating, and leading projects or teams, such as assigning work, setting priorities, budgeting, and providing feedback on work assignments.
• Developing methodology and modern programming technologies and frameworks such as Amazon Web Services Cloud (AWS) tools, or Data bricks, or Scala, or Open-Source technologies.
• Understanding the interrelationships among multiple IT disciplines (IT security, infrastructure, networking, end user support, etc.).
• Developing data driven software solutions to improve agency Zero Trust maturity scores.

• Developing automated solutions to improve agency Zero Trust maturity scores. .
• Coding, scripting, data wrangling, data visualization, and presentation of historical and projected data that improves agency management of its Zero Trust program and progress across Pillars.
• Providing recommendations and a roadmap to automate and secure DevSecOps CI/CD pipelines using Checkmarx, Jenkins, Burp Suite and Nexus IQ.
• Staying up to date with the latest industry trends and advances in cybersecurity and AI/ML technologies to identify potential technological resources and solutions to develop, maintain, and enhance data and application security to improve Zero Trust maturity scores.
• Supporting implementation, testing, and monitoring for data processing pipelines and AI/ML learning products to improve Zero Trust maturity scores.
• Collaborating with cross-functional teams to identify business needs and provide technical solutions to improve Zero Trust maturity scores across the five ZT Pillars.

Desired Skills and Qualifications:

• Recent experience at a Federal agency. Current DHS or DoD security clearance or public trust.
• Knowledge and experience with Zero Trust federal requirements and DHS CISA Zero Trust Maturity Model.
• Eagerness to learn and ability to think critically and work independently.
• Proficiency in scripting, identity, MFA, micro-segmentation, how approaches affect delivery teams, end point detection, data protection, policy automation and orchestration.
• Proficiency in continuous monitoring and real time analytics to detect and respond to issues immediately.
• Experience with Nexus IQ, Checkmarx, Burp Suite, Backstage, automation and governance standards. 
• Experience with Chef, Ansible, nMap, Palo Alto Networks Expedition, SonarQube, Tenable DB Protect, Tenable.io, Twistlock
• Cloud experience specifically, AWS and Azure.
• Familiarity with DevSecOps practices, CI/CD pipelines, Jenkins implementation and automated testing.
• Familiarity with data structures, storage systems, cloud infrastructure, front-end frameworks, AI/ML, deep learning frameworks, and other technical tools.