Zero Trust Engineer Mid Level
CELESTIAL INNOVATIONS GROUP LLC
Job Description
Job Description
POSITION SUMMARY
Celestial Innovations Group (CIG) is seeking a Mid Zero Trust Engineer to support federal agency clients in the design, implementation, and sustainment of Zero Trust Architecture (ZTA) programs. This role is framework-agnostic and vendor-informed: the ideal candidate understands that Zero Trust is a security philosophy and architectural strategy, not a single product or platform. The engineer will apply that expertise across one or more leading vendor ecosystems to deliver compliant, mission-ready ZTA solutions aligned with federal mandates including EO 14028, OMB M-22-09, NIST SP 800-207, and the CISA Zero Trust Maturity Model.
KEY RESPONSIBILITIES
Architecture and Strategy
- Lead Zero Trust Architecture assessments, gap analyses, and roadmap development for federal clients
- Design and document ZTA solutions spanning all five pillars: Identity, Device, Network, Application/Workload, and Data
- Translate federal ZTA mandates (EO 14028, OMB M-22-09, CISA ZT Maturity Model) into actionable implementation plans
- Develop architecture artifacts including conceptual, logical, and physical ZTA diagrams using DODAF, TOGAF, or equivalent frameworks
- Support integration of ZTA principles into existing enterprise architectures, hybrid cloud environments, and multi-tenant federal networks
- Deploy and configure Zero Trust solutions across one or more vendor platforms (see Vendor Ecosystem section below)
- Implement Identity and Access Management controls including CAC/PIV authentication, MFA, role-based access control (RBAC), and Just-in-Time (JIT) Privileged Access Management
- Configure microsegmentation, Zero Trust Network Access (ZTNA), software-defined perimeters, and DNS security controls
- Deploy Endpoint Detection and Response (EDR) tooling and enforce device compliance policies at enterprise scale
- Integrate data protection controls including classification, labeling, DLP, and encryption aligned to ZTA data pillar requirements
- Align ZTA implementations with NIST SP 800-53 Rev 5, NIST SP 800-207, DISA STIGs, and DHS CDM program requirements
- Support the Risk Management Framework (RMF) lifecycle, including SSP authoring, continuous monitoring, and ATO maintenance
- Document ZTA controls for system security packages, POA&Ms, and security assessment reports
- Serve as a trusted ZTA advisor to federal agency stakeholders, program managers, and ISSO/ISSM counterparts
- Produce executive-level briefings, technical white papers, and implementation status reports
- Collaborate cross-functionally with cloud, networking, data analytics, and infrastructure teams to ensure cohesive ZTA integration
CIG's ZTA practice is solution-agnostic at the architectural level. Engineers are expected to bring deep expertise in at least one of the following vendor platforms, with cross-platform fluency strongly preferred: Vendor / Framework & Relevant Capabilities
Palo Alto Networks (Prisma): Prisma Access (ZTNA 2.0), Prisma Cloud, Cortex XDR/XSIAM, NGFW policy, SD-WAN integration, threat prevention across all ZTA pillars
Zscaler: Zscaler Internet Access (ZIA), Zscaler Private Access (ZPA), Zscaler Digital Experience (ZDX), cloud proxy architecture, VPN replacement, SSL inspection
Microsoft Zero Trust: Microsoft Entra ID (Azure AD), Conditional Access, Intune/MEM, Microsoft Defender suite, Sentinel SIEM/SOAR, Purview data governance, M365 compliance center
CISA ZT Maturity Model: Five-pillar maturity assessment (Traditional, Initial, Advanced, Optimal), cross-cutting capability mapping, agency self-assessment support, roadmap alignment to federal reporting requirements
REQUIRED QUALIFICATIONS
Experience
- 5+ years of experience in cybersecurity engineering, network security, or IT infrastructure roles
- 2+ years of hands-on experience designing or implementing Zero Trust Architecture in an enterprise or federal environment
- Demonstrated understanding of ZTA concepts across all five pillars per NIST SP 800-207 and the CISA Zero Trust Maturity Model
- Experience supporting federal government clients or DoD/civilian agency environments
- Proficiency in at least one of the following: Palo Alto Prisma, Zscaler, or Microsoft Zero Trust stack
- Identity and access management: Entra ID, Active Directory, LDAP, PKI, MFA, PAM tooling
- Network security: microsegmentation, ZTNA, DNS security, SD-WAN, next-generation firewall policy
- Endpoint security: EDR/XDR deployment and management, device compliance policy enforcement
- Cloud environments: Azure, AWS, or hybrid cloud architectures with ZTA overlay
- Familiarity with SIEM/SOAR platforms (Microsoft Sentinel, SumoLogic, Google SecOps, or equivalent)
PREFERRED QUALIFICATIONS
- Active certifications in one or more ZTA vendor platforms: PCCSE, PCNSE, Zscaler ZCCA-IA or ZCCA-PA, Microsoft SC-100 (Cybersecurity Architect Expert)
- Additional certifications: CISSP, CISM, CompTIA Security+, Cloud+ or relevant AWS/Azure security certifications
- Familiarity with RMF processes: NIST SP 800-37, SSP authoring, ATO package preparation
- Experience with ServiceNow, Salesforce, or IT service management tooling in a federal context
- Multi-vendor ZTA integration experience (e.g., combining Palo Alto and Zscaler capabilities within a single architecture)
- Familiarity with post-quantum cryptography standards (FIPS 203/204/205) and their ZTA implications
Flexible work from home options available.
- ZERO TRUST (ZT) PROCESS RE-ENGINEERING SME POSITION OVERVIEW The Zero Trust Process Re-Engineering SME exists to provide senior-level advisory expertise in assessing, analyzing, and re-engineering the agency's enterprise IT and cybersecurity processes to advance its Zero...SuggestedCasual workRemote work
- ...SHINE Systems is looking for a Mid-Level Test Systems Engineer to join our team supporting the National System of Geospatial-intelligence (NSG), Allied System of Geospatial-intelligence (ASG), and Federal Agencies. In this role, you will perform Application, System, and...SuggestedContract workWork experience placementLocal area
- Zermount, Inc. is seeking a Zero Trust (ZT) Process Re-Engineering SME in Arlington, VA to provide senior-level advisory expertise for IT and cybersecurity processes. The role focuses on compliance with federal mandates and requires at least 10 years of relevant experience...SuggestedRemote work
$85k - $110k
...Systems Engineer, Mid (This is not a remote position) Position Overview: We are seeking a Mid-Level Systems Engineer to support acquisition programs for our client in Stafford, VA. The ideal candidate will provide direct technical support to a diverse team, including Assistant...SuggestedTemporary workFor contractorsWork at office- Saic is looking for an experienced Information Systems Security Engineer (ISSE) to join their team in Arlington, Virginia. The role... ...involves designing secure, cloud-ready platforms and implementing Zero Trust principles in mission systems. The ideal candidate will have a...Suggested
$63 - $70 per hour
...methodologies to ensure our clients’ success. Position Overview The Mid-Level Fire Protection Engineer supports fire protection system design review, analysis,... .... Valid driver’s license and ability to obtain Public Trust clearance. Compensation Compensation: $63 - $70 hourly (...Hourly payPermanent employmentTemporary workLocal area$112.8k - $257k
Job Number: R0242245 Zero Trust Engineer The Opportunity Do you enjoy the thrill of the hunt? Are you motivated by the head-to-head challenge... ...written communication skills Bachelor's degree DoD 8570 IASAE Level III Certification such as CISSP-ISSAP, CISSP-ISSEP, or CCSP...Full timeContract workPart timeWork at officeLocal areaRemote work$90k - $130k
...Description Job Description Position: Hardware Design/Test Engineer, Mid-level - FAA Function: Hardware Design and Testing... ...or a legal resident for three of the past five years. Public Trust cannot be granted without meeting the residency requirement....Local areaRemote work$86.9k - $198k
Job Number: R0237648 Zero Trust Sales Engineer The Opportunity Serve as a key lead engaging with program managers, senior leaders, the acquisition... ...capabilities and emerging mission needs. Leverage senior‑level leadership and extensive community relationships within the...Full timePart timeWork at officeLocal area- ...Alexandria, Virginia is seeking a highly experienced SME Systems Engineer to support critical Identity, Credential, and Access... ...will have a strong background in federated identity concepts, Zero Trust principles, and hold DoD certifications. A hybrid work schedule...
- GovCIO is hiring a Systems Engineer for Zero Trust integration with the US Air Force at Joint Base Anacostia-Bolling. This full-time, on-site position involves designing Zero Trust architectures and integrating identity services with various systems. The role demands a...Full timeFlexible hours
- Summary EA Governance Process Engineer - Mid, Arlington, VA Are you ready to enhance your skills... ...and take your career to the next level! The Mid EA Governance Process Engineer... ...such as DoDAF, FEAF, TOGAF, NIST, and Zero Trust Architecture. Experience supporting architecture...Work at officeWork from homeHome office
- AHU Technologies Inc in Washington is seeking a mid-level QA Engineer to ensure quality assurance in software testing. The role involves monitoring system functions, troubleshooting issues, and executing system configurations. Ideal candidates will have experience with...
- ...Management is seeking a mission‑driven Senior Zero Trust Cloud Security Architect to lead the... ...expertise in Zero Trust, cloud security engineering, and enterprise architecture prepared... ...relevant experience in lieu of a degree. IAT Level III certification (e.g., CISSP, CISM)...For contractorsLocal areaRemote work
$105.26k - $197.2k
Computer Science & Engineering Professionals - Mid to Expert Level (Maryland) Bladensburg, Maryland, US Role Overview CNSS • National Security Systems is hiring a mid-level Computer Science & Engineering Professional in Bladensburg. Job Description Pay Plan: GG, Grade...Full timeWork experience placementTrial periodMonday to FridayFlexible hours- ...cloud security firm is seeking a Senior Zero Trust Cloud Security Architect. This role involves... ...in Zero Trust and cloud security engineering, with a strong focus on enterprise architecture... ...an active Top-Secret clearance and IAT Level III certification. #J-18808-Ljbffr NANA...
- ...SECAF Government Contractor of the Year , we are seeking Mid-Level and Senior Structural Engineers to support critical U.S. Navy ship design and... ...provide engineering oversight, mentor staff, and serve as trusted advisors to our government customers. Whether your expertise...For contractors
- ...Join a collaborative engineering team in the Tysons Corner, VA area supporting critical infrastructure and applications across enterprise environments. We are seeking a mid-level Systems Engineer to help design, implement, and maintain secure, high-performing systems...Local areaFlexible hours
- ...Service Sales Engineer The Service Sales Engineer is responsible... ...business within the assigned Mid Atlantic territory. This role... ...customer relationships at all levels, ensuring a consistent, high standard... ...service. Act as a trusted advisor to customers by understanding...Work at office
$113k - $160k
Position Summary Technology Service Corporation (TSC) is seeking a Mid‑Level Thermal Engineer to support work at the Naval Research Laboratory. This position offers the opportunity to directly impact high‑priority Navy missions. Location: Arlington, Virginia. Responsibilities...Flexible hours- ...wide range of clients across the Federal government, from senior level policy makers to program managers, to choose smartly, buy... ...and techniques. Responsibilities and tasks will include system engineering plan review and development, program and schedule management, systems...For contractors
$91.8k - $124.2k
...Systems MILSATCOM Program, is seeking Ground MILSATCOM Systems Engineer Trainers (Level 2 or 3) to provide leadership and guidance in development of... ...preferred, although not required, accreditation standard. Mid‑Level (Level 3): Education/experience typically acquired...Civilian ContractorPermanent employmentFor contractorsTraineeshipWork experience placementInterim roleRelocationVisa sponsorshipWork visaRelocation packageFlexible hoursShift workDay shift- Eliassen Group is seeking a Lead Privileged Access Management (PAM) Engineer to design, implement, and manage PAM solutions in Washington,... ...with CyberArk and modern identity platforms, supporting Zero Trust initiatives. Applicants should be prepared to work on a W2 basis...
- LaunchCode is seeking an ICAM Engineer to support enterprise identity and access management initiatives within a large-scale cybersecurity... .... This hybrid role focuses on enhancing identity security and zero-trust architectures. Applicants must have at least 3 years of...
$190.8k - $262.3k
## Hypersonic Systems Engineer Level IVApplylocations: Washington Navy Yard, District of Columbiatime... ...are passionate about our people and our Zero Harm culture. These inform all that we... ...of Integrity -** We value honesty, trust, courage, fairness, prudence and tenacity...Contract workTemporary workWork at officeLocal areaWorldwideRelocation package- Teltrium is seeking a mid-level RF Systems Engineer to support the development and implementation of a SmallSat Relay System in support of a NASA program. The ideal candidate will have expertise in RF systems design and satellite communication technologies. This role will...Full time
- ...Zero Trust Analyst Zero Trust Analyst Location: Arlington, VA (On-Site) Citizenship... ...assessments. Coordinate with engineering, cloud, identity, and compliance teams to... ...CompTIA Security+ or higher certification level preferred. Company Benefits ARGO...Contract workFor contractors
- ...employees are respected, supported, and engaged. Description: Engineering Technician II performs standardized or prescribed assignments involving... ...may be reviewed in progress. This technician performs at this level, one or a combination of such typical duties as: Following...Contract work
- RedMatter Solutions LLC is seeking an Entra ID Engineer to support the design, implementation, and maintenance of identity solutions... ...for 3 days a week, ensuring collaboration with cybersecurity teams on Zero Trust initiatives. #J-18808-Ljbffr RedMatter Solutions LLC3 days per week
$86.9k - $198k
Booz Allen Hamilton is seeking a Zero Trust Sales Engineer to engage with program managers and DoD clients in Washington, DC. This role requires extensive experience in sales engineering and knowledge of Zero Trust solutions. Responsibilities include shaping acquisition...
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Zero Trust Engineer Mid Level. Be the first to apply!

