Network Security Subject Matter Expert (SME)

Job Description

Network Security Subject Matter Expert (SME)

Time Type : Full time

Minimum Clearance Required to Start :  TS / SCI with Polygraph

As a skilled Network Security SME, you will leverage your extensive experience in system engineering and data security, particularly focused on Zero Trust technology, to ensure the highest level of security for our network infrastructure. You will help build, secure, and maintain critical systems, ensuring compliance with security best practices and industry standards.

Key Responsibilities :

Zero Trust Security Implementation :  Design, deploy, and enforce   Zero Trust   security measures across the network infrastructure, ensuring secure access and compliance.

Infrastructure Automation :  Build and deploy secure infrastructure using Linux scripting, Python, and PowerShell automation tools to streamline operations and enhance security.

Data Retention & Compliance :  Define and implement data retention policies in compliance with government regulations, ensuring data availability and alignment with Zero Trust security measures.

Authentication Methods :  Implement multi-factor authentication (MFA), biometric authentication, and smart card technologies to ensure robust identity verification across systems.

Encryption Solutions :  Implement encryption for data at rest, in transit, and in use, leveraging cryptographic algorithms and key management strategies that adhere to Zero Trust principles.

TLS Certificate Management :  Create, manage, and deploy TLS certificates using Windows certificate services and self-signed certificates to ensure secure communication across systems.

Windows Active Directory & Domain Services :  Manage, configure, and secure Windows Active Directory, ensuring it integrates with security policies and Zero Trust principles.

Splunk & System Logging :  Utilize Splunk to identify vulnerabilities and security incidents, and implement logging for network   devices, Windows, and Linux systems to enhance visibility and security monitoring.

Privilege Access Management (PAM) :  Manage PAM software and related systems, ensuring restricted access to critical assets and enforcing least privilege access controls.

Secrets Management :  Administer secrets management solutions such as A nsible Vault, HashiCorp Vault, or equivalent tools to secure sensitive information.

Linux Server Configuration :  Configure and secure Linux servers for local authentication, domain joining, and managing least   privilege permissions.

Multi-Factor Authentication (MFA) Systems :  Design and manage MFA environments, including the integration of tools like Yubikey and RSA token s , across domain-joined and stand-alone machines.

Network Segmentation :  Configure and manage network segmentation using tools such as iptables, nftables, or Illumio to enhance security.

On-Premises Security :  Work in a secure isolated network environment, ensuring the application of Zero Trust principles with a focus on network isolation and least privilege access controls.

Technical Problem-Solving :  Analyze and provide solutions for complex technical problems, ensuring security and system integrity across environments.

Enterprise Vulnerability Scanning :  Leverage enterprise vulnerability scanning tools to identify, interpret, and remediate security findings to ensure a secure infrastructure.

Communication & Reporting :  Effectively communicate complex technical concepts to both technical and non-technical stakeholders, ensuring clarity and understanding of security measures.

Mandatory Requirements :

Bachelor's Degree  in Computer Science, Engineering, Information Technology, or equivalent experience.

15 years  of demonstrated experience as a System Engineer or Data Security Expert, with a focus on Zero Trust technology.

Expertise in building and deploying secure infrastructure using Linux scripting, Python, and PowerShell.

Extensive experience defining and enforcing data retention policies aligned with government regulations, focusing on data availability and compliance with Zero Trust security measures.

Knowledge and hands-on experience with multi-factor authentication (MFA), biometric, and smart card authentication.

Extensive experience implementing encryption solutions for data at rest, in transit, and in use, leveraging cryptographic algorithms and key management.

Proficiency in data security technologies (encryption tools, access control mechanisms, etc.).

Strong understanding of Windows Active Directory and the ability to configure / edit Domain Services.

Expertise in managing and configuring Splunk to find vulnerabilities, security incidents, and security rules.

In-depth knowledge of system logging, including for network devices, Windows, and Linux systems.

Proven ability to implement and operate Privilege Access Management (PAM) software.

Experience managing secrets management tools like Ansible Secrets Vault, HashiCorp Vault, or similar.

Experience configuring and securing Linux servers for local user authentication and domain integration with least privilege permissions.

Strong experience designing and managing multi-factor authentication (MFA) environments with tools such as Yubikey and RSA tokens.

Expertise in network segmentation and redirection using tools like iptables, nftables, or Illumio.

Ability to perform tasks in a highly secure, isolated network environment while adhering to Zero Trust principles.

Ability to analyze customer requirements and provide effective solutions for complex technical challenges.

Familiarity with Enterprise Vulnerability Scanning tools and remediation processes.

Strong communication skills to convey complex technical concepts to both technical and non-technical customers.

Desired Requirements :

Certifications  in Systems Administration or IT, such as Linux, Microsoft, or other network-related certifications.

Experience with VMware and other virtualization technologies.

About WarCollar Industries

COVID-19 Vaccination Policy :

Prospective and / or new employees will be required to adhere to the customer’s vaccination policy.

About us :

WarCollar Industries, LLC is a veteran-owned small business. We maintain a team of cybersecurity experts committed to protecting complicated data and distribution systems and providing decision makers with the most accurate assessment of residual risk possible. We work with our clients to solve the toughest challenges in the ever-evolving digital landscape. Services include network defense, computer network attack, secure network design, penetration testing and vulnerability assessment. WarCollar enables its clients to find, fix, stop, and ultimately solve cybersecurity problems across their entire enterprise.

WarCollar offers generous benefits including : Medical insurance premium coverage; PTO based on billable hours; federal holidays plus your birthday; matching 401k, education reimbursement plus paid training days; performance bonuses; referral bonuses; government shutdown protection; monthly team building events plus two major social events annually.

WarCollar Industries, LLC is an equal opportunity employer. WarCollar does not discriminate in employment based upon race, color, religion, sex (including pregnancy and gender identity), national origin, political affiliation, sexual orientation, marital status, disability, genetic information, age, membership in an employee organization, retaliation, parental status, status as a protected military veteran, or other non-merit factor.