System Engineer Mid-Level QK Pos 871 System Administrator (SA) Skill Level 2

Fort Meade, MD - USA

Monthly Salary: Not Disclosed

Posted on: 4 hours ago

Vacancies: 1 Vacancy

Job Summary

Job Title: System Engineer - Mid-Level QK Pos: 871 - System Administrator (SA) - Skill Level 2
Location (On-site Remote or Hybrid): Fort Meade MD (onsite)
Contract Duration: 5 years

Must Have
Clearance Required: Top Secret/SCI with polygraph
Education: Bachelor s degree in IT Computer Science or related field (or equivalent experience). Experience: 7 years of system administration in secure environments.

Clearance Required: Top Secret/SCI with Active Full Scope Polygraph

Position Overview
We are seeking an experienced Linux-focused System Administrator (Level 2) to support a mission-critical program within the Intelligence Community at Fort Meade MD. This is an on-site position in a Sensitive Compartmented Information Facility (SCIF) environment requiring a TS/SCI clearance with an active Full Scope Polygraph prior to consideration. The successful candidate will be responsible for the day-to-day administration security compliance and operational health of complex Linux-based infrastructure spanning virtualized environments container platforms and classified networked systems.

The SA Level 2 operates with a high degree of independence and serves as a technical authority on Linux systems engineering PKI/cryptographic policy enforcement storage management IP networking and security compliance. This role carries significant responsibility for System Security Plan (SSP) maintenance STIG implementation and supporting Secure Telephone Equipment/Network (STE/STN) infrastructure within a heavily regulated RMF/NIST framework.

Key Responsibilities
Linux Systems Administration

Administer configure harden and maintain Red Hat Enterprise Linux (RHEL) Rocky Linux and/or CentOS Stream server environments
Apply and maintain DISA STIG configurations using OpenSCAP and other SCAP-compliant tooling; remediate findings from automated scans
Manage system performance tuning patch management (yum/dnf) software package management and OS lifecycle operations
Configure and manage system services daemons scheduled tasks logging (rsyslog/journald) and audit frameworks (auditd)
Provide Tier 1 and Tier 2 application support and general troubleshooting across all Linux-based systems

Security Compliance - SSP RMF and STIG

Support ongoing System Security Plan (SSP) development maintenance and compliance activities in accordance with NIST SP 800-53 Rev 5 controls
Conduct and document Risk Management Framework (RMF) activities including control implementation statements POA&M tracking and continuous monitoring
Perform and respond to vulnerability assessments; coordinate CVE remediation and ensure timely patching
Maintain system authorization boundaries support A&A activities and coordinate with the ISSO/ISSM
Enforce DoD crypto policies including FIPS 140-2/140-3 mode configuration

STE/STN Support

Install configure and maintain Secure Telephone Equipment (STE) and Secure Telephone Network (STN) infrastructure
Coordinate STE/STN provisioning moves adds and changes (MACs) with communications and security personnel
Troubleshoot STE/STN connectivity and interoperability issues
Maintain accurate inventory and documentation for all STE/STN endpoints

PKI TLS and Cryptographic Management

Manage DoD PKI operations including certificate issuance renewal revocation and trust store management
Configure and maintain TLS/SSL for system services and applications
Administer hardware security modules (HSMs) and software-based key management systems where deployed
Apply and enforce system crypto policies to ensure FIPS compliance across all managed systems

Containers and Cloud Environments

Deploy operate and maintain containerized workloads using Docker and/or Podman
Administer Kubernetes or OpenShift container orchestration clusters within classified/air-gapped environments
Manage container image pipelines including base image hardening vulnerability scanning and approved image registries
Support lifecycle management of containerized applications

Virtualization

Administer VMware vSphere/vCenter environments including ESXi host management
Manage KVM/QEMU-based virtual environments on Linux hosts
Coordinate capacity planning and resource optimization across virtualized infrastructure

Storage Management

Administer NAS and SAN systems; manage LUN provisioning zoning and multipath I/O
Operate and maintain Ceph distributed storage clusters
Configure and manage LVM RAID arrays and filesystem operations
Implement and verify data-at-rest encryption requirements

IP Networking and Firewall Management

Configure and manage host-based firewalls (firewalld iptables/nftables) on Linux systems
Troubleshoot TCP/IP networking issues including routing DNS DHCP VLAN segmentation
Interface with network engineers on firewall rule changes and ACLs

Qualifications
Education: Bachelors degree in Information Technology Computer Science Cybersecurity or related field. Equivalent experience may be substituted.
Experience: 5 years of system administration experience in classified or secure DoD/IC environments.

Additional Required Qualifications:

Active TS/SCI clearance with Full Scope Polygraph - must be active prior to start
Deep hands-on Linux proficiency across RHEL Rocky Linux and/or CentOS
Demonstrated experience with DISA STIGs and SCAP compliance scanning
Working knowledge of NIST SP 800-53 controls and RMF process
Experience with SSP development and A&A/ATO activities
Hands-on STE/STN installation configuration and support experience
Solid understanding of PKI/TLS/cryptographic standards including DoD PKI and FIPS enforcement
Strong IP networking fundamentals and host-based firewall management
Experience with container platforms (Docker Podman Kubernetes or OpenShift)
Experience with virtualization platforms (VMware vSphere KVM/QEMU)
Storage management experience with NAS SAN LVM and/or distributed storage
DoD 8140 IAT Level II compliance (Security CASP or equivalent)

Desired Skills

Experience with Ansible Puppet SaltStack or Chef
Proficiency in Bash and Python scripting
OpenShift Container Platform experience in classified deployments
Experience with cross-domain solutions (CDS)
Familiarity with DoD cloud environments (AWS GovCloud C2S)
Red Hat RHCSA or RHCE certification

Job Title: System Engineer - Mid-Level QK Pos: 871 - System Administrator (SA) - Skill Level 2 Location (On-site Remote or Hybrid): Fort Meade MD (onsite) Contract Duration: 5 years Must Have Clearance Required: Top Secret/SCI with polygraph Education: Bachelor s degree in IT Computer Scien...