Zero Trust S Sme

ZERO TRUST APPLICATIONS AND WORKLOADS SME

Join to apply for the ZERO TRUST APPLICATIONS AND WORKLOADS SME role at Zermount, Inc.

4 days ago – Be among the first 25 applicants.

Military Friendly & Preferred – Hoh Sponsor

Zermount Inc. is seeking a Zero Trust (ZT) Applications and Workloads SME to assist in providing security to one of our federal clients. The SME will be part of the implementation of ZT principles across the pillars of ZT (identity, device, network, application and workload, and data) to assist the client in meeting the requirements set forth by EO 14028 and OMB M 22-09.

The SME will lead the design, development, and assessment of virtualization and application security solutions in alignment with Zero Trust principles.

• Lead the design, development, and implementation of applications and workloads solutions aligned with Zero Trust principles.
• Support the architecture and design of innovative solutions and services to secure client networks, and provide leadership with recommendations on the right technologies, solutions, and processes required to meet the objectives of EO 14028 and other Federal requirements.
• Map ZT capabilities, requirements, and existing client capabilities, and new or approved capabilities required for the applications and workloads pillar as outlined by CISA, M-21-31, M-22-01, M-22-09, EO 14028, NIST 800‑207, and any future memoranda, EO’s, and standards.
• Collaborate with cross‑functional teams to understand business requirements and translate them into technical solutions.
• Provide expertise for the secure development of applications, ensuring that security is integrated into the Software Development Lifecycle (SDLC) from the beginning and driving Dev Sec Ops  practices.
• Provide expertise for segmenting workloads to isolate them from each other, reducing the attack surface and minimizing the impact of potential breaches.
• Provide expertise for establishing continuous monitoring solutions and capabilities to detect and respond to anomalies and potential security threats within applications and workloads.
• Provide expertise to ensure the secure integration of applications and workloads across various environments (e.g., cloud, on‑premises, and hybrid).
• Provide expertise in the review, assessment, and solution recommendation for Zero Trust maturity evaluations.
• Stay up to date with emerging technologies and industry trends related to application security, application access controls, application threat protections, and secure application development.
• Provide technical guidance and mentorship to junior team members.

• A minimum of 10 years of IT cybersecurity experience including direct support for the US Government and 7 years acting as an ISSO, assessor, or compliance analyst for enterprise IT systems OR a relevant Bachelor's degree in IT, computer science, or engineering and 7 years of IT cybersecurity experience including direct support for the US Government and 5 years acting as an ISSO, assessor, or compliance analyst.
• Solid experience in virtualization technologies, such as VMware, Hyper‑V, or KVM.
• Strong understanding of Zero Trust principles and their application in virtualization and application development.
• Knowledge of containerization technologies like Docker and orchestration tools like Kubernetes.
• Familiarity with cloud platforms and services, such as AWS, Azure, or Google Cloud.
• Experience implementing security controls and best practices in virtualized environments and application development.
• Ability to troubleshoot and resolve issues in virtualization, cloud, and application deployment.
• Strong communication and collaboration abilities.
• Experience communicating effectively, both oral and written, with technical, non‑technical, and executive‑level customers.
• Knowledge of EO 14028, OMB M 22‑09, Federal, DoD, and CISA Zero Trust Architecture, Maturity Model, and Technical Reference Architectures.
• Excellent communication, collaboration, and problem‑solving skills.
• Knowledge of NIST Guidelines and FISMA Cybersecurity compliance requirements.
• Technical knowledge of complex enterprise IT systems.
• Knowledge and experience using relevant…