3981 Virtualization Engineer

Procession Systems
Tysons, United States of America
yesterday

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English

Job location

Tysons, United States of America

Tech stack

User Authentication
Computer Security
Data Security
VMware ESX Servers
Federal Information Processing Standards (FIPS)
Hyper-V
Identity and Access Management
Kernel-Based Virtual Machine
NetApp Applications
Network Attached Storage (Server Appliance)
VMware Infrastructure
Virtualization Technology
Storage Technologies
Vulnerability Analysis

Job description

  • Conduct comprehensive technical assessments and manual audits of virtualized infrastructure platforms and network-attached storage (NAS) environments in Intelligence Community (IC) settings.
  • Evaluate compliance with IC Directives, Security Technical Implementation Guides (STIGs), Security Requirement Guides (SRGs), and NIST 800-53 Rev 5 and 800-171 security controls relevant to virtualization and storage systems.
  • Perform independent manual STIG checklist reviews for leading virtualization platforms including VMware ESXi, Microsoft Hyper-V, and KVM, as well as NAS/SAN devices such as NetApp and Dell EMC systems.
  • Analyze risks and attack vectors associated with virtualized environments and storage architectures; assess controls including encryption, authentication, access management, and FIPS compliance.
  • Provide technical recommendations and architectural guidance to improve virtual infrastructure security posture.
  • Liaise with virtualization system administrators, storage teams, and leadership to communicate findings, risk assessments, and remediation strategies.
  • Lead and mentor Level 1 IDRs in conducting IV&S inspections and risk analysis.
  • Stay current with emerging virtualization and storage security threats, industry trends, and vendor hardening best practices.
  • Participate in inspection planning, execution, reporting, and deliver clear, concise written and oral assessments.
  • Travel as necessary to support onsite inspections. (8-12 weeks of travel avg, some international and passport required).

Requirements

  • Knowledge:
  • Strong understanding of virtualization platforms: VMware ESXi, Microsoft Hyper-V, and KVM architectures and security features.
  • Familiarity with common NAS/SAN systems (NetApp, Dell EMC) and their security considerations.
  • Ability to interpret and apply STIGs, SRGs, and NIST 800-53/800-171 controls related to virtualized infrastructure and storage.
  • Knowledge of encryption standards, including FIPS, and their application in storage security.
  • Awareness of virtualization and storage-related attack vectors and mitigation strategies.
  • Skills:
  • Proficient in performing manual checklist audits and functional risk assessments for virtualized and storage environments.
  • Strong analytical skills to evaluate complex system configurations and security controls.
  • Effective communication skills to present findings and recommendations to technical teams and leadership.
  • Ability to mentor junior inspectors and lead technical discussions.
  • Abilities:
  • Lead IV&S inspection efforts independently with minimal oversight.
  • Provide actionable security architecture recommendations to enhance virtual and storage infrastructure defenses.
  • Manage inspection activities and deliverables efficiently within tight schedules.
  • Adapt quickly to vendor-specific nuances while maintaining a vendor-agnostic security focus.
  • Certifications:
  • Obtain an IAT-III or Maintain IAT Level III Certification in compliance with DoD 8570.01-M and DoD Directive 8140 Cyberspace Workforce Management.
  • CASP+ CE
  • CCNP Security
  • CISA
  • CISSP (or Associate)

Apply for this position