Zero Trust Engineer

About The Position

Requirements

• Current Secret security clearance with the ability to obtain and maintain a Top Secret (TS) security clearance with Sensitive Compartmented Information (SCI).
• A minimum of 3 years of experience in cybersecurity engineering, Zero Trust implementation, or a closely related discipline within a federal, defense, or government contracting environment, with demonstrated hands-on proficiency configuring and operating identity-based access controls, network micro-segmentation, and continuous monitoring capabilities in support of Zero Trust architecture requirements across classified or enterprise mission environments.
• Active IAM Level I certification, satisfied by one of the following: CompTIA Security+ CE, ISC² CAP, ISC² SSCP, or GIAC GSLC.
• Strong problem-solving and decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate solution.
• Highly developed interpersonal and oral/written communication skills, with the ability to effectively and professionally interact with a diverse set of stakeholders (from peers to end-users to executive management).

Responsibilities

• Implements and operates the technical security controls, access enforcement mechanisms, and network segmentation capabilities that underpin WDP's Zero Trust architecture across all classification tiers.
• Supports WDP's alignment with the DoW Zero Trust Reference Architecture and NIST SP 800-207 by translating Zero Trust policy requirements into operational configurations, validated control baselines, and continuously monitored enforcement mechanisms that protect mission systems operating across NIPRNet, SIPRNet, and JWICS.
• Implements and operates Zero Trust security controls supporting mission systems across multiple security enclaves.
• Configures identity-based access policies using Active Directory, ICAM tooling, certificate services, and privileged access workflows to enforce least-privilege principles.
• Maintains network segmentation controls through firewall rule sets, software-defined perimeter configurations, container network policies, and cloud security groups to limit unauthorized access paths.
• Supports continuous authentication and authorization processes informed by device posture, user behavior, and threat intelligence collected through SIEM and endpoint detection platforms such as Splunk and EDR solutions.
• Executes policy updates, access changes, and technical refinements in coordination with network administrators, system engineers, and application teams.
• Documents Zero Trust implementations, configuration baselines, operational procedures, and runbooks within approved knowledge repositories.
• Assists with control validation, operational testing, and assessment preparation by assembling technical artifacts and evidence.
• Resolves operational issues related to access enforcement, segmentation drift, and encrypted traffic handling.
• Contributes to steady improvement of Zero Trust maturity while reinforcing program values of operational reliability, security consistency, and mission readiness.
• Performs other duties as assigned.