Cambridge International Systems Inc

ZTA Engineer/Architect – TS/SCI Clearance | Stuttgart, Germany

Germany - Full Time

ZTA Engineer/Architect – TS/SCI Clearance | Stuttgart, Germany
Cambridge International Systems, Inc.

Join a dynamic global team united by shared values: commitment, integrity, and perseverance. At Cambridge, you’ll work alongside top talent worldwide, tackling some of today’s most complex and critical challenges in defense and security.

We are currently seeking a ZTA Engineer/Architect to support operations in Stuttgart. This is a full-time, OCONUS position requiring an active DoD TS/SCI, eligibility for NATO Indoctrination and TESA accreditation.

TESA certification provides significant tax exemptions for U.S. employees stationed in Germany — along with other great benefits like housing, COLA, and dependent education reimbursements, etc.

What You’ll Do
As a ZTA Engineer/Architect, you will play a critical role in Zero Trust security architecture, that serve U.S. government missions overseas.  You will:
  • Zero Trust Architecture Design & Implementation
    • Lead the creation and execution of a comprehensive Zero Trust security framework, ensuring that security is enforced across all users, devices, applications, and networks. Design the architecture to ensure least privilege access, micro-segmentation, and continuous monitoring for a zero-trust environment.
  • Access Control Strategy
    • Develop and implement least privilege access strategies, ensuring minimal access rights to resources for all users. Collaborate to implement role-based access controls (RBAC) and Identity and Access Management (IAM) systems to enforce fine-grained access policies based on user roles, responsibilities, and the principles of Zero Trust.
  • Authentication & Authorization
    • Design and enforce strong authentication and authorization protocols, including multi-factor authentication (MFA) and adaptive authentication mechanisms, to verify user identities and enforce secure access across the network.
  • Network Security & Micro-Segmentation
    • Implement comprehensive micro-segmentation strategies to isolate sensitive data, systems, and applications, minimizing lateral movement and reducing the attack surface. Collaborate with network engineers to ensure proper network segmentation and secure configuration of network devices.
  • Endpoint Security & Device Posture Management
    • Oversee the development and implementation of robust endpoint protection strategies, including device posture assessment and continuous monitoring. Ensure that all devices adhere to security policies before being granted network access.
  • Application Security & Access Control
    • Implement application-level security policies that enforce secure application control and device authentication to prevent unauthorized access or execution. Collaborate with development and security teams to integrate Zero Trust principles into application lifecycle management.
  • Continuous Monitoring & Threat Detection
    • Implement continuous monitoring solutions to detect and respond to potential security incidents in real-time. Establish mechanisms for anomaly detection, logging, and auditing to proactively identify and mitigate security threats.
  • Incident Response & Security Auditing
    • Develop and maintain incident response plans tailored to Zero Trust environments. Conduct regular security assessments, vulnerability scans, and penetration testing to identify weaknesses and improve security measures. Review access logs and monitoring systems to detect any abnormal activities and mitigate risks.
  • Collaboration & Cross-Functional Leadership
    • Collaborate with key stakeholders across IT, operations, compliance, and legal teams to integrate Zero Trust principles seamlessly into business operations. Provide guidance and mentorship to junior security engineers, fostering a culture of security-first thinking throughout the organization.
  • Compliance & Regulatory Alignment
    • Ensure that the Zero Trust implementation aligns with industry best practices and complies with relevant regulations, such as GDPR, HIPAA, and PCI-DSS, as applicable. Provide regular security reports and updates to senior management and relevant stakeholders.
What You’ll Bring
Required Qualifications:
  • Education & Experience:
    • BA/BS + 7 years of relevant experience, or
    • AA/AS + 9 years recent specialized or
    • Major technical cert + 11 years recent specialized or
    • 13 years of recent specialized experience 
  • Technical Expertise:
    • Strong experience with identity and access management solutions, network security, and endpoint protection. 
    • Strong experience as a Zero Trust Architect or in a similar cybersecurity role
    • Knowledge in cybersecurity principles, protocols, and best practices.
    • Experience with cybersecurity frameworks, compliance standards, and regulations. 
    • Strong problem-solving and analytical skills
  • Certifications:
    • Relevant certifications such as Certified Information Systems Security Professional (CISSP) or Certified Zero Trust Architect (CZTA) are a plus.
  • Must have a current and active DoD TS/SCI security clearance.
  • Proficient with modern IT tools and infrastructure technologies
Travel & Passport
  • Must have an active passport to support OCONUS travel and/or living requirements.
Work EnvironmentOffice setting:
  • Primarily an office-based role in Germany
  • Standard desk/computer work with flexibility for walking and movement on site
  • Must be able to work in an office environment, sitting at a desk, looking at a computer for most of the workday.
  • Work is physically comfortable; the employee has discretion about sitting, walking, standing, etc.
  • May be required to travel short distances to offices/conference rooms and buildings on site. 
Background & Security
  • Employment is contingent upon successful background investigation
  • Drug screening may be required for federal contract compliance
Benefits & Perks
We believe in investing in our team—both professionally and personally:
  • Medical, dental, vision, life, accident, and critical illness insurance
  • 401(k) immediate vesting and match
  • Paid time off and company holidays
  • Generous tuition & training support
  • Relocation assistance
  • Sign-on and performance-based bonuses
  • Employee referral program
  • Access to Tickets at Work, EAP, wellness initiatives, and more
Join Us
If you're driven by mission, technology, and teamwork—we want to hear from you. Cambridge is growing, and this position is just one of many opportunities on our global team. Know someone perfect for the role? Referrals are welcome—both employees and non-employees may qualify for a bonus.
Apply today and help shape the future of secure cloud computing for national security.

About Cambridge International Systems
At Cambridge, innovation grows through diversity. We are proud to be an equal opportunity employer, committed to creating an inclusive and supportive work environment for all. Learn more at www.cbridgeinc.com.
When you join the Cambridge team, you are part of a skilled and talented global community that is united by a set of core values: commitment, integrity, and perseverance. Join our team and help us confront today’s most threatening and complex obstacles! 
 
Apply: ZTA Engineer/Architect – TS/SCI Clearance | Stuttgart, Germany
* Required fields
First name*
Last name*
Email address*
Location
Phone number*
Resume*

Attach resume or Paste resume

Attach resume as .pdf, .doc, .docx, .odt, .txt, or .rtf (limit 5MB) or paste resume

Paste your resume here or attach resume file

Due to the nature of this position, U.S. Citizenship is required. Are you a U.S. Citizen?*
Will you now, or in the future, require sponsorship to work in the United States? If selected for the position, you will be required to show proof of eligibility to work in the United States.*
How did you hear about this position?*
List name of Employee Referral, if applicable
If applicable, what is your current clearance level?*
Have you ever had a security clearance eligibility/access authorization denied, suspended, or revoked?*
Are you willing to relocate?*
What is your desired salary?*
Do you have family members working for Cambridge?*
Do you have any personal relationships, such as friendships or family connections with vendors, contractors, or competitors of Cambridge?*
Do you or your family members have any financial interests in companies that could be considered a competitor of Cambridge?*
Do you currently have a second job for which you are planning to keep?*
Have you worked for the US government conducting financial, procurement, and/or contracts-related activities during the last 10 years?*
Do you have any consulting arrangements with any potential competitors of Cambridge?*
Are you involved or serve on the board of directors or advisory board for any vendor, supplier, or competitor of Cambridge?*
Do you own or have partial interest in any intellectual properties, patents, licenses, or copyrights that could be relevant to your work at Cambridge?*
Have you ever worked on a contract affiliated with Cambridge International Systems?*
The following questions are entirely optional.
To comply with government Equal Employment Opportunity and/or Affirmative Action reporting regulations, we are requesting (but NOT requiring) that you enter this personal data. This information will not be used in connection with any employment decisions, and will be used solely as permitted by state and federal law. Your voluntary cooperation would be appreciated. Learn more.
Gender
Race/Ethnicity
Invitation for Job Applicants to Self-Identify as a U.S. Veteran
  • A “disabled veteran” is one of the following:
    • a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or
    • a person who was discharged or released from active duty because of a service-connected disability.
  • A “recently separated veteran” means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.
  • An “active duty wartime or campaign badge veteran” means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.
  • An “Armed forces service medal veteran” means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.
Veteran status
I IDENTIFY AS ONE OR MORE OF THE CLASSIFICATIONS OF PROTECTED VETERAN LISTED ABOVE
I AM NOT A PROTECTED VETERAN
I DON’T WISH TO ANSWER
Voluntary Self-Identification of Disability
Voluntary Self-Identification of Disability Form CC-305
OMB Control Number 1250-0005
Expires 04/30/2026
Why are you being asked to complete this form?

We are a federal contractor or subcontractor. The law requires us to provide equal employment opportunity to qualified people with disabilities. We have a goal of having at least 7% of our workers as people with disabilities. The law says we must measure our progress towards this goal. To do this, we must ask applicants and employees if they have a disability or have ever had one. People can become disabled, so we need to ask this question at least every five years.

Completing this form is voluntary, and we hope that you will choose to do so. Your answer is confidential. No one who makes hiring decisions will see it. Your decision to complete the form and your answer will not harm you in any way. If you want to learn more about the law or this form, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.

How do you know if you have a disability?

A disability is a condition that substantially limits one or more of your “major life activities.” If you have or have ever had such a condition, you are a person with a disability. Disabilities include, but are not limited to:

  • Alcohol or other substance use disorder (not currently using drugs illegally)
  • Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, HIV/AIDS
  • Blind or low vision
  • Cancer (past or present)
  • Cardiovascular or heart disease
  • Celiac disease
  • Cerebral palsy
  • Deaf or serious difficulty hearing
  • Diabetes
  • Disfigurement, for example, disfigurement caused by burns, wounds, accidents, or congenital disorders
  • Epilepsy or other seizure disorder
  • Gastrointestinal disorders, for example, Crohn's Disease, irritable bowel syndrome
  • Intellectual or developmental disability
  • Mental health conditions, for example, depression, bipolar disorder, anxiety disorder, schizophrenia, PTSD
  • Missing limbs or partially missing limbs
  • Mobility impairment, benefiting from the use of a wheelchair, scooter, walker, leg brace(s) and/or other supports
  • Nervous system condition, for example, migraine headaches, Parkinson’s disease, multiple sclerosis (MS)
  • Neurodivergence, for example, attention-deficit/hyperactivity disorder (ADHD), autism spectrum disorder, dyslexia, dyspraxia, other learning disabilities
  • Partial or complete paralysis (any cause)
  • Pulmonary or respiratory conditions, for example, tuberculosis, asthma, emphysema
  • Short stature (dwarfism)
  • Traumatic brain injury
Please check one of the boxes below:
YES, I HAVE A DISABILITY, OR HAVE HAD ONE IN THE PAST
NO, I DO NOT HAVE A DISABILITY AND HAVE NOT HAD ONE IN THE PAST
I DO NOT WANT TO ANSWER

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.

Name Date
Human Check*