Job Specifications
This is a long-term contract (with benefits) onsite in Reston VA, Southeast DC or College Park MD. Our client requires an active TS/SCI clearance with the willingness to take a polygraph exam.
Lead the design, deployment, and operational support of enterprise micro-segmentation strategies using Illumio Adaptive Security Platform (ASP) across hybrid environments. This role partners closely with security architects, cloud engineers, and application teams to reduce lateral movement risk, enforce Zero Trust principles, and strengthen the organization’s overall security posture.
Key Responsibilities
Lead the design, deployment, configuration, and optimization of Illumio Core and Illumio Edge across on-premises, virtualized, and cloud environments
Architect and implement Zero Trust Segmentation policies, including application dependency mapping, labeling strategies, enforcement boundaries, and zone-based controls
Develop and maintain Illumio workflows, segmentation models, dashboards, and operational runbooks for enterprise and mission-critical workloads
Integrate Illumio with SIEM/SOAR platforms, CMDB systems, vulnerability scanners, cloud-native security controls, and enterprise automation pipelines
Perform traffic flow analysis using Illumio VEN telemetry and develop policy recommendations to minimize attack surface and restrict east-west movement
Collaborate with application owners, infrastructure teams, and security stakeholders to ensure scalable and sustainable segmentation strategies
Provide operational support, troubleshooting, and optimization for deployed segmentation controls
Required Qualifications
5+ years of experience in cybersecurity, cloud security, or infrastructure engineering
3+ years of hands-on experience with Linux and Windows systems, virtualization platforms (VMware, Hyper-V), and cloud environments (AWS, Azure, or GCP)
2+ years of experience in network security, including firewalls, routing, TCP/IP, and segmentation models
2+ years of experience delivering solutions in highly regulated, mission-critical environments (e.g., federal, healthcare, finance, or energy)
1+ year of experience with infrastructure automation tools such as Ansible, Terraform, or similar
1+ year of experience working with REST APIs, scripting languages (Python, Bash, PowerShell), or automation frameworks
Active TS/SCI clearance with willingness to take a polygraph
One of the following:
Associate’s degree with 5+ years of IT project experience
Bachelor’s degree with 3+ years of IT project experience
Master’s degree with 1+ year of IT project experience
Active DoD 8570.01-M Information Assurance Technician (IAT) Level II certification (e.g., Security+ CE, CCNA-Security, GSEC, SSCP, CySA+, GICSP, CND)
Ability to obtain DoD 8570.01-M Cybersecurity Service Provider – Infrastructure Support certification within 30 days of start date
Additional Qualifications
Hands-on experience deploying and managing Illumio Adaptive Security Platform (ASP) in enterprise environments
Illumio certifications (ASP Professional, ASP Expert, or equivalent)
Experience integrating with CMDB platforms (e.g., ServiceNow), SIEM/SOAR tools, and vulnerability management solutions
Strong understanding of Zero Trust architecture, micro-segmentation, and lateral movement mitigation techniques
Excellent analytical and problem-solving skills with the ability to translate security policy into technical enforcement controls