Zero Trust Architect IV

*This Position is Contingent Upon Contract Award*

ABOUT ALEUT FEDERAL

At Aleut Federal, we believe the company, its mission, and its customers are just as important as the job you are applying for. Aleut Federal is an Alaskan Native-owned enterprise whose purpose is to support our “Shareholders,” the Unangax, the indigenous people of the Aleutian Islands of Alaska. People are at the core of everything we do. We support our Shareholders by providing excellent service and quality results to our clients and the various branches of the federal government. We engage in local markets, so community service is embedded in our process.

Our culture nurtures the strength of our workforce through mentorship and coaching, providing opportunities for growth and competitive benefits. We support and encourage diversity, inclusion, and accountability at every level.

The Aleut Federal motto is “We are One” because we truly believe that with one heart, one mind, and one purpose, we can accomplish our mission and be an organization anyone would be proud to be a part of.

POSITION SUMMARY

The Zero Trust Architect is a strategic leader responsible for securing the information infrastructure supporting the Distributed Common Ground System (DCGS) and STATEFARM programs. This role leads the design, implementation, and sustainment of a robust Zero Trust Architecture (ZTA) in compliance with the Department of Defense Zero Trust Reference Architecture, OMB Memorandum M-22-09, and NIST 800-207.

The architect conducts comprehensive assessments of system security postures, identifies vulnerabilities, and implements identity-centric access controls across all layers of the enterprise. They establish and manage a centralized, policy-driven control plane that enforces secure access, role-based permissions, and continuous verification of users, devices, and data transactions. This includes integration of secure LANs, WANs, VPNs, firewalls, and identity management systems to ensure dynamic and adaptive enforcement.

ESSENTIAL JOB FUNCTIONS

• Provide a blend of technical expertise, strategic mindset, and effective communication skills to drive security transformations successfully.
• Design and implement Zero Trust Engineering solutions in accordance with DAF Zero Trust Strategy 1.0, OMB M-22-09, and NIST 800-207.
• Establish a centralized policy-driven Zero Trust Control Plane to manage user/device authentication, authorization, and access control.
• Ensure the architecture supports modularity, vendor neutrality, and ease of change management to accommodate evolving mission needs.
• Define and apply continuous risk scoring methodologies for adaptive access decisions and vulnerability prioritization.
• Enable continuous monitoring of access control effectiveness through quantitative metrics and telemetry.
• Integrate secure LANs, WANs, VPNs, firewalls, and endpoint protection tools to support ZTA enforcement across all environments.
• Oversee the implementation of automation tools that streamline vulnerability data ingestion, scoring, and remediation.
• Supervise the development and approval of installation requirements and configurations for all related network and endpoint security components.
• Collaborate with the Information Security Specialist to validate ZTA effectiveness through testing, exercises, and real-time monitoring.
• Lead post-incident forensics and root cause analysis to ensure rapid containment, mitigation, and capture lessons learned to reduce future system compromise.
• Guide configuration baselines and system hardening strategies aligned with RMF controls and mission risk profiles.
• Conduct rigorous system testing, security drills, and continuous monitoring to validate enforcement and effectiveness of controls and provide in-depth post-incident analysis in response to any breaches or anomalies.
• Identify risk management practices, create incident response procedures/planning, and champion a cybersecurity-aware culture through staff training, technical mentorship, and stakeholder engagement.
• Develop timelines and execution of security upgrades to ensure operational resilience.
• Evaluate existing system security postures, identifying areas of vulnerability, and implementing robust, identity-centric access controls across all network layers
• Establish a centralized policy-based control plane, ensuring compliance with secure access, authentication protocols, and role-based permissions across all systems and environments.
• Identify key criteria to establish a secure, compliant, and mission-ready cybersecurity posture for critical ISR operations.

EDUCATION/TRAINING

• Required: Bachelor’s Degree in Cybersecurity, Information Assurance, Computer Science, or related field.
• Preferred: Master’s Degree in Cybersecurity Architecture, Network Security, or Systems Engineering.
• Required Certification: IAT Level III (e.g., CISSP, CASP+) upon hire.
• Preferred Certifications: Certified Zero Trust Strategist, CISM, CCSP, or SANS GIAC certifications.

EXPERIENCE

• Minimum 7 years of cybersecurity experience with 3+ years focused on Zero Trust implementations.
• Experience applying RMF security controls and integrating automated vulnerability and risk management frameworks.
• Strong background in identity and access management, role-based access control, and secure authentication protocols.
• Demonstrated ability to lead enterprise-scale security modernization efforts.
• Familiarity with Department of Defense cybersecurity policies and network architectures.

SKILLS/ABILITIES

• Proficient in Zero Trust tools and methodologies, including authentication, authorization, micro-segmentation, and telemetry-based decision-making.
• Ability to implement modular, flexible, and vendor-agnostic solutions in secure IT environments.
• Strong analytical and leadership skills to translate high-level requirements into secure, functional architectures.
• Proficiency with network protocols, firewalls, identity services, and automation tools.
• Excellent communication skills for interfacing with technical teams, stakeholders, and mission owners.
• In-depth knowledge of firewalls, VPNs, intrusion detection systems (IDS), and intrusion prevention systems (IPS).
• Familiarity with software-defined networking (SDN) and micro-segmentation.
• Expertise in designing and implementing Identity & Access Management (IAM) systems, including multi-factor authentication (MFA), single sign-on (SSO), and role-based access control (RBAC).
• Knowledge of identity frameworks like SAML, OAuth, and OpenID Connect.
• Understanding of concepts like "least privilege access," continuous authentication, and device security posture.
• Experience with securing workloads in multi-cloud environments (AWS, Azure, GCP) and hybrid setups.
• Knowledge of endpoint protection solutions and secure software development practices.
• Work with IT, DevOps, and cybersecurity teams to design and implement policies.
• Engage with stakeholders to align security practices across the organization.
• Handle challenges in integrating Zero Trust solutions without disrupting mission operations.
• Explain complex security concepts to non-technical stakeholders.
• Provide training and awareness sessions on Zero Trust principles.

PHYSICAL DEMANDS

• Must be able to sit or stand for extended periods.
• Must be able to use a computer and related equipment for prolonged periods.
• Able to lift 40 lbs. and support system installations and de-installations as necessary.

WORK ENVIRONMENT

• This is an Onsite position that requires work to be performed onsite at a government location in Warner Robins, GA.
• Working indoors in an office environment.

SPECIAL REQUIREMENTS

• Must be able to pass pre-employment background screening.
• Must possess and be able to maintain a Top Secret with SCI eligibility clearance.
• Must be able to be cleared for base or site access.
• Must be a US Citizen.
• Must be available for a flexible work schedule to include nights, weekends, and holidays.
• Must hold a current IAT Level II CompTIA Security + certification (or equivalent)
• Must possess a current U.S. Passport
• Includes CONUS and OCONUS travel (10-20%) to government facilities for integration, testing, or collaboration.

Salary/Rate Range $145K-$170K

We are accepting ongoing applications for this position.

Aleut offers the following benefits to eligible employees:

• Health insurance
• Dental/Vision insurance
• Paid Time Off
• Short- and Long-Term Disability
• Life insurance
• 401k and match

At Aleut, our culture thrives on diversity, inclusion, and collaboration. By integrating diverse perspectives, we open up new possibilities, foster innovation, and fully harness our team's potential. We are committed to creating an environment where every employee feels valued, included, and inspired to grow and find purpose. Join us and be part of a culture that celebrates differences and belonging for everyone, without regard to race, color, religion, or belief, national, social, or ethnic origin, genetic information, sex, sexual orientation, gender identity and/or expression pregnancy, reproductive health decision, familial responsibilities, marital status, age, physical, mental, or sensory disability, or military/veteran status. We welcome everyone as they are!

#AIT