Virtru SME / Engineer

About The Position

Requirements

• U.S. Citizen.
• Active Secret security clearance, with the ability to obtain a Top-Secret security clearance.
• Ability to work 5 days/week onsite at 6910 Cooper Ave, Ft. Meade, MD.
• Bachelor's degree in IT or a related field with 8+ years of experience OR 12+ years of applicable experience in data protection and encryption technologies.
• Minimum DoD 8140 IAT Level 2 certification (e.g., CompTIA Security+, CySA+, GSEC, SSCP).
• Deep understanding of data-centric security, including Public Key Infrastructure (PKI), AES-256 encryption, and JSON Web Tokens (JWT).
• Proven experience with ABAC and RBAC models.
• Hands-on administration experience with Azure (Admin Console) and Microsoft 365 (Purview/Azure Information Protection).
• Proficiency in Python or PowerShell for automating bulk policy updates and integrating Virtru APIs with internal workflows.
• Experience managing Linux-based environments and Docker containers (often required for CKS/Gateway deployments).
• Experience designing, implementing, and supporting Virtru solutions across Microsoft Azure DoW cloud environments.
• Experience enforcing access controls, least-privilege, and revoking access to sensitive data.
• Understanding and applying Zero Trust principles.
• Clear communication with technical and non-technical stakeholders.
• Exceptional analytical, problem-solving, and communications skills.
• Proven ability to remain calm, decisive, and methodical under pressure.
• Experience developing and briefing materials and executive summaries on Virtru architecture, implementation, and policy.

Responsibilities

• Serve as the Virtru SME, designing, implementing, and managing Virtru solutions for Azure DoW environments to ensure secure data sharing across platforms.
• Design, implement, and maintain complex access control policies using the Virtru Control Center.
• Translate business requirements into technical attributes (e.g., clearance level, department, geography) to automate data protection.
• Orchestrate the integration of automated data labeling services.
• Ensure that files and emails are accurately tagged to trigger the appropriate encryption and DRM (Digital Rights Management) rules.
• Manage the end-to-end lifecycle of Virtru encryption keys.
• Oversee the Customer Key Server (CKS) or private keystore environments to ensure the maintenance of absolute sovereignty over data.
• Deploy and optimize Virtru across Azure, Microsoft 365, and enterprise SaaS applications to ensure a seamless user experience.
• Monitor data flow analytics to identify anomalous sharing behavior.
• Generate reports for compliance audits and perform forensic investigations into data access.
• Address complex technical issues related to Virtru deployment, including encryption failures, data leakage risks, and access control issues.
• Work alongside other IT teams, including security, compliance, and infrastructure teams, to integrate Virtru solutions at the enterprise level.
• Develop and implement data loss prevention strategies using Virtru technologies.
• Implement backup and disaster recovery solutions for Virtru encryption configurations and key management.
• Support security assessments, audits, and ATO activities, including documentation and control evidence related to Virtru, and ensure compliance with organizational and regulatory standards.
• Implement, maintain, and optimize enterprise systems in alignment with organizational standards and SOPs.
• Prepare technical standards, provide technical advice and guidance, and collaborate with other teammates to conceptualize and develop designs.
• Engage with both business and technical stakeholders.
• Other duties, as assigned.