Zero Trust Architect
vor 1 Woche
When you join the Cambridge team, you are part of a skilled and talented global community that is united by a set of core values: commitment, integrity, and perseverance. Join our team and help us confront today’s most threatening and complex obstacles
Cambridge International Systems, Inc. has a full-time Zero Trust Architect opportunity available based in Kaiserslautern, Germany (Patch Barracks).
Employees may be eligible for: relocation reimbursement, housing allowance, COLA and school reimbursement for dependents.
**ROLE RESPONSIBILTIES**
Zero Trust Architecture Design:
- Lead the design and implementation of a Zero Trust security architecture for the organization.
- Develop and implement strategies to ensure the least privilege access, micro-segmentation, and continuous monitoring of network traffic.
- Collaborate with cross-functional teams to integrate Zero Trust principles into existing and new systems.
- Identity and Access Management:
- Implement strong authentication and authorization mechanisms to verify user identities and ensure secure access.
- Design and implement role-based access controls (RBAC) and implement identity and access management (IAM) solutions.
- Monitor and audit user access to identify and mitigate potential security risks.
Network Security:
- Implement network segmentation and micro-segmentation strategies to limit lateral movement.
- Design and deploy secure communication channels, including encryption and VPN solutions.
- Collaborate with network engineers to ensure secure configuration and monitoring of network devices.
Endpoint Security:
- Design and implement endpoint protection strategies, including device posture assessment and continuous monitoring.
- Work with IT teams to ensure security configurations on endpoints align with Zero Trust principles.
Security Monitoring and Incident Response:
- Implement continuous monitoring solutions to detect and respond to security incidents.
- Develop and document incident response plans for Zero Trust environments.
- Conduct regular security assessments and penetration testing.
**REQUIRED QUALIFICATIONS**
- BA/BS + 5 years recent specialized or AA/AS +7 years recent specialized or a major cert + 9 years recent specialized or 11 years of recent specialized experience
- DOD 8570 IAT 2 compliance.
- Proven experience as a Zero Trust Architect or in a similar cybersecurity role.
- In-depth knowledge of cybersecurity principles, protocols, and best practices.
- Experience with identity and access management solutions, network security, and endpoint protection.
- Familiarity with cybersecurity frameworks, compliance standards, and regulations.
- Strong problem-solving and analytical skills.
- Relevant certifications such as Certified Information Systems Security Professional (CISSP) or Certified Zero Trust Architect (CZTA) are a plus.
- Extensive experience supporting Microsoft Azure and Microsoft 365
- Experience in systems infrastructure design, support, and administration
- Experience working with Microsoft Azure and Microsoft 365 in a hybrid environment.
- Azure AD, storage, and compute including Application Proxy (NDES), Storage Account, Virtual Machines, Virtual Desktop, Backup, Automation, and Functions
- Azure identity management including SSO (SAML), OAuth, MFA, RBAC, PIM, conditional access, monitoring / alerting, device registration, identity protection, and hybrid identity management / AD connect.
- Azure networking including ExpressRoute, VNet, Virtual WAN, VPN, NSG, Load Balancer, BGP, routing, and firewall concepts (Palo Alto, etc.)
- Experience collaborating with technical teams of diverse IT related skill sets.
- IAT-III Level Certification (CISSP, CASP+ CISM, etc)
- Microsoft Certified Azure Administrator Associate or Developer Associate
- Must be proficient in using different technologies such as computers and other tools and systems pertinent to the position.
- Must possess an active DoD TS/SCI security clearance.
**TRAVEL REQUIREMENTS**
- Active Passport.
- In rare occasions, overnight travel may be required.
**PHYSICAL ENVIRONMENT AND WORKING CONDITIONS**
Cambridge International Systems complies with Temporary Duty Station (TDY)/Outside Continental United States (OCONUS) vaccination requirements. If this position requires OCONUS travel (listed above), Vaccine Recommendations by AOR | Health.mil lists applicable current vaccination requirements by location.
Office setting:
- Must be able to work in an office environment, sitting at a desk, looking at a computer for most of the workday.
- Work is physically comfortable; the employee has discretion about sitting, walking, standing, etc.
- May be required to travel short distances to offices/conference rooms and buildings on site.
**BENEFITS AND PERKS**
Cambridge International Systems is committed to investing in our employees and their future by providing them with competitive compensation, career development opportunities, comfortable working condit