Job Description
Everforth ECS is seeking a Zero Trust Engineer to work in the National Capital Region covering the Pentagon, Falls Church, and Fairfax. Please Note: This position is contingent upon contract award.
The War Data Platform (WDP) is a key initiative within the U.S. Department of War's (DoW) AI-First strategy introduced in early 2026. The WDP separates business and financial data from operational warfighting data, aiming to accelerate the deployment of artificial intelligence (AI) on the battlefield. The WDP extends to Unclassified, Secret, and Top Secret environments, and supports collaboration between Combatant Commands, Joint Staff directorates, Senior Executive Service leaders, and operational analysts.
• The Zero Trust Engineer implements and operates the technical security controls, access enforcement mechanisms, and network segmentation capabilities that underpin WDP's Zero Trust architecture across all classification tiers. This role supports WDP's alignment with the DoW Zero Trust Reference Architecture and NIST SP 800-207 by translating Zero Trust policy requirements into operational configurations, validated control baselines, and continuously monitored enforcement mechanisms that protect mission systems operating across NIPRNet, SIPRNet, and JWICS.
• Implements and operates Zero Trust security controls supporting mission systems across multiple security enclaves.
• Configures identity-based access policies using Active Directory, ICAM tooling, certificate services, and privileged access workflows to enforce least-privilege principles.
• Maintains network segmentation controls through firewall rule sets, software-defined perimeter configurations, container network policies, and cloud security groups to limit unauthorized access paths.
• Supports continuous authentication and authorization processes informed by device posture, user behavior, and threat intelligence collected through SIEM and endpoint detection platforms such as Splunk and EDR solutions.
• Executes policy updates, access changes, and technical refinements in coordination with network administrators, system engineers, and application teams.
• Documents Zero Trust implementations, configuration baselines, operational procedures, and runbooks within approved knowledge repositories.
• Assists with control validation, operational testing, and assessment preparation by assembling technical artifacts and evidence.
• Resolves operational issues related to access enforcement, segmentation drift, and encrypted traffic handling.
• Contributes to steady improvement of Zero Trust maturity while reinforcing program values of operational reliability, security consistency, and mission readiness.
• Performs other duties as assigned.