Integration Engineer (API/Cross Enclave) SME, Zero Trust (TS/SCI)

About The Position

Requirements

• SME Level: Bachelor of Science (BS) or Master of Science (MS) in Computer Science, Software Engineering, or a related technical field.
• 15+ years of relevant experience
• Integration Expertise: Extensive hands-on experience designing and implementing REST/SOAP APIs, Webhooks, and custom middleware for enterprise system integration.
• Identity Integration: Proven experience integrating Identity Providers (IdP) such as Microsoft Entra ID (Azure AD) or SailPoint with third-party applications using SAML, OIDC, or SCIM standards.
• Scripting Proficiency: Advanced proficiency in Python, PowerShell, or JavaScript for automation and data manipulation.
• Security Engineering: Strong understanding of secure coding practices, API security (OAuth2, API Keys), and encryption protocols (TLS/SSL).
• Required: CompTIA Security+ CE (or higher) to meet DoD 8570 IAT Level II requirements.
• Active Top-Secret clearance with SCI eligibility.

Nice To Haves

• Experience integrating BigID or Kiteworks via API.
• Familiarity with Splunk data ingestion and the Common Information Model (CIM).
• Experience working with Cross-Domain Solutions (CDS) or data diodes in a DoD environment.
• Knowledge of Attribute-Based Access Control (ABAC) policy logic.
• Preferred: CISSP (Certified Information Systems Security Professional) or CASP+ CE (CompTIA Advanced Security Practitioner) to meet IASAE III requirements.
• Preferred: API or Cloud Development certifications (e.g., AWS Certified Developer, Microsoft Azure Developer Associate).

Responsibilities

• API Architecture & Development: Design and build custom middleware and API connectors to federate identity attributes between Microsoft Entra ID (NIPR), SailPoint (SIPR/Top Secret), and downstream security platforms.
• Cross-Enclave Telemetry Integration: Engineer the secure integration of on-premise tools (BigID, Kiteworks, Trellix) with the enterprise Splunk instance on SIPR and the Top-Secret network, ensuring data flows securely between components.
• ABAC Implementation: Develop the technical logic to inject NIST 8112 metadata attributes into Policy Decision Points (PDP), enabling dynamic "If/Then" access control logic based on user pedigree and clearance status.
• Automation & Orchestration: Script and automate the data exchange workflows required to synchronize the "Data Inventory" across hybrid cloud (AWS/Azure) and on-premise (NetApp/QNAP) storage.
• Secure Data Flow: Ensure that all cross-component communications adhere to TLS encryption standards and Mutual Authentication (mTLS) requirements, particularly within the hardened Top-Secret environment.

Benefits

• We offer competitive benefits package including paid time off, healthcare benefits, supplemental benefits, 401k including an employer match, discount perks, rewards, and more.
• We invest in our employees – Every employee is eligible for education reimbursement for certifications, degrees, or professional development. Reimbursement amounts may fluctuate due to IRS limitations. We want you to grow as an expert and a leader and offer flexibility for you to take a course, complete a certification, or other professional growth and networking. We are committed to supporting your curiosity and sustaining a culture that prioritizes commitment to continuous professional development.
• We work hard; we play hard. Kentro is committed to incorporating fun into every day. We dedicate funds for activities – virtual and in-person – e.g., we host happy hours, holiday events, fitness & wellness events, and annual celebrations. In alignment with our commitment to our communities, we also host and attend charity galas/events. We believe in appreciating your commitment and building a positive workspace for you to be creative, innovative, and happy.