The Zero Trust Architecture Control Systems Cybersecurity Consultant will leverage 3–5 years of hands-on experience to develop, refine, and implement Zero Trust strategies and network enclaves within the Customer’s OT cybersecurity programs. This mid-tier consultant will design enclave topologies, configure security controls, and support operational oversight to ensure robust, policy-aligned cybersecurity architectures. The role requires applying industry best practices and DoD / Customer standards to enhance enclave security, streamline certification processes, and integrate Zero Trust principles into both new and existing environments. Work is 40% onsite at minimum.

Responsibilities

• Zero Trust Architecture Design (25%): Develop and document Zero Trust enclave topologies, control-plane configurations, and microsegmentation strategies aligned to mission requirements
• Enclave Configuration & Deployment (20%): Configure ZTNA gateways, firewalls, NAC, and segmentation policies; coordinate deployments with network and OT teams
• Compliance & Certification Support (20%): Assist in ATO and continuous monitoring activities, prepare security-control artifacts for eMASS, and validate alignment with DoD/Customer directives
• Stakeholder Collaboration & Briefings (20%): Work with engineers, operators, and leadership to integrate Zero Trust principles; present design reviews, risk assessments, and roadmap updates
• Continuous Improvement & Analysis (15%): Monitor enclave performance, identify security gaps or blind spots, and recommend mitigation reprioritization based on evolving threats and mission impact

Requirements

• US Citizenship; Secret Clearance
• 3-5 years experience in the following areas:
  • Zero Trust Frameworks – Implementing NIST SP 800-207 and other Zero Trust models to segment and secure enterprise and OT/ICS networks
  • Network Enclave Design – Designing and deploying isolated enclaves using microsegmentation, VLANs, VXLANs, or software-defined segmentation
  • Cybersecurity Architecture – Configuring firewalls, ZTNA gateways, network access control (NAC), and related tools in complex environments
  • DoD/Customer Policy Compliance – Applying Department of Defense and Customer cybersecurity directives (e.g., DoDI 8500.01, CNSSI 1253) to architecture designs
  • Certification Support – Assisting ATO/ATO-M processes, System Security Engineering Framework (SSEF), and continuous monitoring requirements
  • Network Protocols & Security – Hands-on with TCP/IP, routing services, VPNs, and securing Modbus/DNP3/OPC when interfacing with OT networks
  • Collaboration & Communication – Presenting technical designs and risks to stakeholders, drafting architecture diagrams and solution briefs
  • Analytical Troubleshooting – Diagnosing network and enclave security issues, performing root-cause analysis, and recommending improvements

Preferred Skills

• 2-3 years of experience in the following areas:
  • Secure Access Service Edge (SASE) & SSE – Familiarity with cloud-delivered security services and their integration into Zero Trust enclaves; knowledge of More Situational Awareness for Industrial Control Systems (MOSAICS) a plus!
  • Automation & Scripting – Using Python, PowerShell, or Ansible to automate configuration, compliance checks, and reporting
  • Cloud & Edge Integration – Deploying Zero Trust controls in AWS, Azure, or edge-computing environments
  • Data Fusion & Analytics – Leveraging tools like A3 Mission Assurance or Dagger for “digital twin” simulations and cross-domain data analysis
  • MRT-C Mission Mapping – Aligning enclave designs with mission-critical workflows and quantifying “what supports what”
  • eMASS / GRC Tools – Managing control implementation and evidence in eMASS or similar governance-risk-compliance platforms
  • Supply Chain Risk Insights – Incorporating vendor and component risk assessments into enclave security planning
  • Professional Certification Pursuit – Progress toward CISSP, CCSP, or vendor-specific architecture certifications (e.g., TOGAF, AWS/Azure Security)

About Us
For more than 20 years, NewGen Technologies has solved our clients’ toughest IT challenges with integrity, security, and outstanding service by delivering both technology and talent. We have helped secure borders, have used artificial intelligence (AI) to fight terror, aided the identification of criminals, and have helped to prevent crime through the introduction of biometrics. Our team of Highly Cleared Specialists have hard-to-find skills and expertise in a wide spectrum of technologies to provide solutions that transform business processes and solve problems of national significance. #CJ