Zero Trust Segmentation Platform Engineer
EEOC
full-time
Posted on:
Location Type: Hybrid
Location: Reston • Colorado, Florida, Maryland, Virginia, Washington • 🇺🇸 United States
Visit company websiteSalary
💰 $77,600 - $176,000 per year
Job Level
Mid-LevelSenior
Tech Stack
AnsibleAWSAzureCloudCyber SecurityFirewallsGoogle Cloud PlatformLinuxPythonTerraformTypeScriptVMware
About the role
- Lead the design, deployment, configuration, and optimization of Illumio Core and Illumio Edge across on-premises, virtualized, and cloud environments.
- Support the architecting and implementation of Zero Trust Segmentation policies, including application dependency mapping, labeling frameworks, enforcement boundaries, and zone-based controls.
- Develop Illumio workflows, runbooks, dashboards, and segmentation models for enterprise workloads and critical applications.
- Integrate Illumio with SIEM / SOAR, CMDB, C2C, vulnerability scanners, cloud-native controls, and enterprise automation pipelines.
- Conduct traffic flow analysis using Illumio VEN telemetry and build policy recommendations to reduce attack surface and limit east-west movement.
- Troubleshoot system performance, VEN installation issues, policy conflicts, and platform health across distributed infrastructure.
- Partner with application owners to onboard workloads, validate segmentation plans, and support change management processes.
- Perform lifecycle management, including upgrades, health checks, certificate operations, and policy governance.
- Collaborate with security architects to align Illumio policy models with broader Zero Trust and NIST 800-207 strategies.
- Contribute to architectural standards, documentation, and enterprise security playbooks.
Requirements
- 5+ years of experience in cybersecurity, cloud security, or infrastructure engineering
- 3+ years of experience in Linux or Windows systems, virtualization, including VMware or Hyper-V, and cloud environments, including AWS, Azure, or GCP
- 2+ years of experience with network security, including firewalls, routing, segmentation models, or TCP / IP
- 2+ years of experience developing and deploying solutions for highly regulated mission-critical environments, including finance, healthcare, federal, or energy
- 1+ years of experience with infrastructure automation tools such as Ansible or Terraform
- 1+ years of experience with REST APIs, scripting, including Python, Bash, or PowerShell, or automation frameworks
- Active TS/SCI clearance; willingness to take a polygraph exam
- Associate’s degree and 5+ years of experience supporting IT projects and activities, Bachelor’s degree and 3+ years of experience supporting IT projects and activities, or Master’s degree and 1+ years of experience supporting IT projects and activities
- DoD 8570.01-M Information Assurance Technician (IAT) Level II Certification, including Security+ CE, CCNA-Security, GSEC, SSCP, CySA+, GICSP, or CND
- Ability to obtain a DoD 8570.01-M Cybersecurity Service Provider - Infrastructure Support Certification, including CEH, CySA+, GICSP, SSCP, CHFI, CFR, Cloud+, or CND certification within 30 days of start date
Benefits
- health, life, disability, financial, and retirement benefits
- paid leave
- professional development
- tuition assistance
- work-life programs
- dependent care
- recognition awards program
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
cybersecuritycloud securityinfrastructure engineeringLinuxWindowsvirtualizationnetwork securityinfrastructure automationREST APIsscripting
Soft skills
collaborationtroubleshootingchange managementdocumentation
Certifications
TS/SCI clearanceDoD 8570.01-M IAT Level IISecurity+ CECCNA-SecurityGSECSSCPCySA+GICSPCNDCEH