Linux Engineer with Security - Security Clearance Required

Linux Engineer with Security

Job Category : Engineering

Time Type : Full time

Minimum Clearance Required to Start : TS / SCI with Polygraph

Employee Type : Regular

Percentage of Travel Required : Up to 10%

Type of Travel : Continental US

What You Will Get To Do :

You will be a highly skilled Senior System Engineer / Data Security supporting our engineering client. You will lead and manage data security strategies, ensuring the implementation of robust Zero Trust principles within government data environments.

You will apply sound engineering practices, good judgement and technical skills to achieve both short and long-term goals as established by client management.

• You will provide support for the internal systems and networks used by the client to support mission. You will focus on designing, engineering, and implementation of complex data protection beyond data encryption;
• and provide expert guidance on Identity and Access Management (IAM) principles and standard methodologies. You will lead the development and implantation of Zero Trust data protection strategies, including encryption, tokenization, and data masking techniques to secure sensitive data across networks;
• design and manage identity-centric access controls, defining granular permissions and enforcing least privilege access to government data, aligning with Zero Trust principles;
• implement and manage encryption methodologies for data at rest, in transit, and during processing, ensuring compliance and adherence to Zero Trust standards;

implement and manage security monitoring tools and analytic platforms, leveraging data-centric insights to identify anomalous behavior, potential threats, and vulnerabilities within government data systems.

Be part of a department with an expanding range of programs focusing on Cyber Operations, where you get to grow on and between programs with peers who are dedicated to advancing national security.

Participate in fun team outings and team building events where you get to engage with your co-workers and expand your career network.

We are a fun, engaging environment with a management team focused on growing your career and making you a part of our future.

We offer bonus compensation plans that demonstrate you being appreciated for working on the program and being a part of our team.

You'll get paid for cyber events and training, such as our Capture the Flag Events, Internal Research and Development opportunities as well as prepaid courses to nationally recognized certification courses to grow your career.

You’ll Bring These Qualifications :

An active TS / SCI with Poly clearance

Bachelor's degree in computer science, Engineering, Information Technology, or equivalent experience

15+ years of demonstrated experience as a System Engineer / Data Security focusing on Zero Trust technology

Experience building and deploying infrastructure using Automation tools such as Linux scripting, Python and PowerShell

Expertise in defining and enforcing data retention policies aligned with government regulations, ensuring data availability and compliance with Zero Trust security measures

Knowledge of strong authentication methods such as multi-factor authentication (MFA), biometric authentication, and smart card authentication for robust identity verification

Extensive experience in implementing encryption solutions for data at rest, in transit and in use, leveraging cryptographic algorithms and key management aligned with Zero Trust principles

Proficiency in data security technologies, including encryption tools, access control mechanisms, and other data-centric security tools

Understanding of encryption in transit, function and design

Ability to create and manage TLS certificates both through Windows certificate services and the creation and management of self-signed certificates

Deep-level understanding of Windows Active Directory, as well as the ability to configure / edit Windows Active Directory and Domain Services

Ability to effectively use and manage Splunk to find vulnerabilities, security incidents, and understand how security rules are written across infrastructure

Expertise implementing system logging to include network device, Windows, and Linux logging

Effectively manage and operate Privilege Access Management (PAM) software

Ability to manage and use secrets management tools such as Ansible secrets vault, Hashicorp Vault or equivalent

Adept at configuring Linux servers for both local user authentication with varying levels of root privileges and also joining Linux servers to a domain and configuring the correct least privilege permissions needed for the environment

Ability to manage and design a multi-factor authentication (MFA) environment for both domain joined and stand-alone machines using Yubikey, RSA tokens, or equivalent

Expertise managing network segmentation and redirection utilizing iptables, nftables, Illumio, or equivalent solutions

Understanding of the difficulties involved in performing all tasks on-premises in a highly secure isolated network environment, prioritizing least privilege, network isolation, and following Zero Trust principles

Analyze customer requirements and provides solutions to a variety of technical problems of varying degrees of complexity

Familiarity of Enterprise Vulnerability Scanning tools, including the ability to interpret and remediate findings

Good communication and presentation skill to convey complex technical concepts to both technical and non-technical customers

These Skills Would Be Nice To Have :

Systems administration and IT certification in Linux, Microsoft, or other network related fields

Experience using VMWare and other virtualization technologies

What We Can Offer :

We’ve been named a Best Place to Work by the Washington Post.

• Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.
• We offer competitive benefits and learning and development opportunities.
• We are mission-oriented and ever vigilant in aligning our solutions with the nation’s highest priorities.
• For over 60 years, the principles of CACI’s unique, character-based culture have been the driving force behind our success.

What You Can Expect :

A culture of integrity.

At CACI, we place character and innovation at the center of everything we do. As a valued team member, you’ll be part of a high-performing group dedicated to our customer’s missions and driven by a higher purpose to ensure the safety of our nation.

An environment of trust.

CACI takes pride in fostering a diverse and accessible culture where every individual feels supported to chart their own path.

You’ll have the autonomy to take the time you need through a unique flexible time off benefit and have access to robust learning resources to make your ambitions a reality.

A focus on continuous growth.

Together, we will advance our nation's most critical missions, build on our lengthy track record of business success, and find opportunities to break new ground in your career and in our legacy.

Your potential is limitless. So is ours.

Learn more about CACI here.

Pay Range : There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications.

Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. We offer competitive compensation, benefits and learning and development opportunities.

Our broad and competitive mix of benefits options is designed to support and protect employees and their families. At CACI, you will receive comprehensive benefits such as;

healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits. Learn more here .

The proposed salary range for this position is :

$102,900 - $216,200

CACI is an Equal Opportunity / Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, age, national origin, disability, status as a protected veteran, or any other protected characteristic.