Zero Trust Architect

Kaiserslautern, Kaiserslautern, Germany
Full Time
Mid Level

When you join the Cambridge team, you are part of a skilled and talented global community that is united by a set of core values: commitment, integrity, and perseverance. Join our team and help us confront today’s most threatening and complex obstacles!

Cambridge International Systems, Inc. has a full-time Zero Trust Architect opportunity available based in Kaiserslautern, Germany (Patch Barracks).  

Qualified candidates for this job must possess a current DoD Secret security clearance and be eligible for DoD Top Secret clearance, NATO Indoctrination, and meet TESA accreditation requirements.  ***TESA Certification allows employees the to be tax exempt for both Germany and US, in addition to other great perks***

Employees may be eligible for: relocation reimbursement, housing allowance, COLA and school reimbursement for dependents.

ROLE RESPONSIBILTIES
Zero Trust Architecture Design:

  • Lead the design and implementation of a Zero Trust security architecture for the organization.
  • Develop and implement strategies to ensure the least privilege access, micro-segmentation, and continuous monitoring of network traffic.
  • Collaborate with cross-functional teams to integrate Zero Trust principles into existing and new systems.
  • Identity and Access Management:
  • Implement strong authentication and authorization mechanisms to verify user identities and ensure secure access.
  • Design and implement role-based access controls (RBAC) and implement identity and access management (IAM) solutions.
  • Monitor and audit user access to identify and mitigate potential security risks.
Network Security:
  • Implement network segmentation and micro-segmentation strategies to limit lateral movement.
  • Design and deploy secure communication channels, including encryption and VPN solutions.
  • Collaborate with network engineers to ensure secure configuration and monitoring of network devices.
Endpoint Security:
  • Design and implement endpoint protection strategies, including device posture assessment and continuous monitoring.
  • Implement application control and device authentication measures.
  • Work with IT teams to ensure security configurations on endpoints align with Zero Trust principles.
Security Monitoring and Incident Response:
  • Implement continuous monitoring solutions to detect and respond to security incidents.
  • Develop and document incident response plans for Zero Trust environments.
  • Conduct regular security assessments and penetration testing.
REQUIRED QUALIFICATIONS
  • BA/BS + 5 years recent specialized or AA/AS +7 years recent specialized or a major cert + 9 years recent specialized or 11 years of recent specialized experience
  • DOD 8570 IAT 2 compliance.
  • Proven experience as a Zero Trust Architect or in a similar cybersecurity role.
  • In-depth knowledge of cybersecurity principles, protocols, and best practices.
  • Experience with identity and access management solutions, network security, and endpoint protection.
  • Familiarity with cybersecurity frameworks, compliance standards, and regulations.
  • Strong problem-solving and analytical skills.
  • Relevant certifications such as Certified Information Systems Security Professional (CISSP) or Certified Zero Trust Architect (CZTA) are a plus.
  • Extensive experience supporting Microsoft Azure and Microsoft 365
  • Experience in systems infrastructure design, support, and administration
  • Experience working with Microsoft Azure and Microsoft 365 in a hybrid environment.
  • Azure AD, storage, and compute including Application Proxy (NDES), Storage Account, Virtual Machines, Virtual Desktop, Backup, Automation, and Functions
  • Azure identity management including SSO (SAML), OAuth, MFA, RBAC, PIM, conditional access, monitoring / alerting, device registration, identity protection, and hybrid identity management / AD connect.
  • Azure networking including ExpressRoute, VNet, Virtual WAN, VPN, NSG, Load Balancer, BGP, routing, and firewall concepts (Palo Alto, etc.)
  • Experience collaborating with technical teams of diverse IT related skill sets.
  • IAT-III Level Certification (CISSP, CASP+ CISM, etc)
  • Microsoft Certified Azure Administrator Associate or Developer Associate
  • Must be proficient in using different technologies such as computers and other tools and systems pertinent to the position.
  • Must possess an active DoD TS/SCI security clearance.
TRAVEL REQUIREMENTS
  • Active Passport.
  • In rare occasions, overnight travel may be required.
PHYSICAL ENVIRONMENT AND WORKING CONDITIONS
Cambridge International Systems complies with Temporary Duty Station (TDY)/Outside Continental United States (OCONUS) vaccination requirements.  If this position requires OCONUS travel (listed above), Vaccine Recommendations by AOR | Health.mil lists applicable current vaccination requirements by location.
Office setting:
  • Must be able to work in an office environment, sitting at a desk, looking at a computer for most of the workday.
  • Work is physically comfortable; the employee has discretion about sitting, walking, standing, etc.
  • May be required to travel short distances to offices/conference rooms and buildings on site. 
BENEFITS AND PERKS
Cambridge International Systems is committed to investing in our employees and their future by providing them with competitive compensation, career development opportunities, comfortable working conditions, and a comprehensive benefits package, some of which are listed below:
  • Medical, dental, vision, Life/AD&D/STD/LTD insurance
  • 401(k) matching and immediate vesting
  • Paid time off and holidays
  • Generous tuition & training assistance program
  • Relocation assistance
  • Sign-on bonuses
  • Referral bonuses
  • Performance-based bonuses
  • Community involvement & outreach
  • Wellness program
  • Employee Assistance Program (EAP)
  • Tickets at Work

Refer to a friend
If you know someone who may be interested, please share this posting.  We are a growing team and there may be more opportunities like this one here at Cambridge International Systems!

MORE ABOUT US
At Cambridge, we recognize innovation and agility grow through diverse collaboration. Our team is comprised of unique individuals, and it is our policy to provide equal opportunity in recruiting, hiring, training, and promoting individuals in all job categories without regard to race, color, religion, national origin, gender, age, disability, genetic information, veteran status, sexual orientation, gender identity, or any other protected class or category as may be defined by federal, state, or local laws or regulations. It is our firm intent to support equal employment opportunity and affirmative action in keeping with applicable federal, state, and local laws and regulations.
If you are a qualified individual with a disability or a disabled veteran requiring assistance with the application process, please visit https://cbridgeinc.com/accessibility/ for information on how to request assistance.

Share

Apply for this position

Required*
Apply with
We've received your resume. Click here to update it.
Attach resume as .pdf, .doc, .docx, .odt, .txt, or .rtf (limit 5MB) or Paste resume

Paste your resume here or Attach resume file

To comply with government Equal Employment Opportunity and/or Affirmative Action reporting regulations, we are requesting (but NOT requiring) that you enter this personal data. This information will not be used in connection with any employment decisions, and will be used solely as permitted by state and federal law. Your voluntary cooperation would be appreciated. Learn more.

Invitation for Job Applicants to Self-Identify as a U.S. Veteran
  • A “disabled veteran” is one of the following:
    • a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or
    • a person who was discharged or released from active duty because of a service-connected disability.
  • A “recently separated veteran” means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.
  • An “active duty wartime or campaign badge veteran” means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.
  • An “Armed forces service medal veteran” means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.
Veteran status



Voluntary Self-Identification of Disability
Voluntary Self-Identification of Disability Form CC-305
OMB Control Number 1250-0005
Expires 04/30/2026
Why are you being asked to complete this form?

We are a federal contractor or subcontractor. The law requires us to provide equal employment opportunity to qualified people with disabilities. We have a goal of having at least 7% of our workers as people with disabilities. The law says we must measure our progress towards this goal. To do this, we must ask applicants and employees if they have a disability or have ever had one. People can become disabled, so we need to ask this question at least every five years.

Completing this form is voluntary, and we hope that you will choose to do so. Your answer is confidential. No one who makes hiring decisions will see it. Your decision to complete the form and your answer will not harm you in any way. If you want to learn more about the law or this form, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.

How do you know if you have a disability?

A disability is a condition that substantially limits one or more of your “major life activities.” If you have or have ever had such a condition, you are a person with a disability. Disabilities include, but are not limited to:

  • Alcohol or other substance use disorder (not currently using drugs illegally)
  • Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, HIV/AIDS
  • Blind or low vision
  • Cancer (past or present)
  • Cardiovascular or heart disease
  • Celiac disease
  • Cerebral palsy
  • Deaf or serious difficulty hearing
  • Diabetes
  • Disfigurement, for example, disfigurement caused by burns, wounds, accidents, or congenital disorders
  • Epilepsy or other seizure disorder
  • Gastrointestinal disorders, for example, Crohn's Disease, irritable bowel syndrome
  • Intellectual or developmental disability
  • Mental health conditions, for example, depression, bipolar disorder, anxiety disorder, schizophrenia, PTSD
  • Missing limbs or partially missing limbs
  • Mobility impairment, benefiting from the use of a wheelchair, scooter, walker, leg brace(s) and/or other supports
  • Nervous system condition, for example, migraine headaches, Parkinson’s disease, multiple sclerosis (MS)
  • Neurodivergence, for example, attention-deficit/hyperactivity disorder (ADHD), autism spectrum disorder, dyslexia, dyspraxia, other learning disabilities
  • Partial or complete paralysis (any cause)
  • Pulmonary or respiratory conditions, for example, tuberculosis, asthma, emphysema
  • Short stature (dwarfism)
  • Traumatic brain injury
Please check one of the boxes below:

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.

You must enter your name and date
Human Check*