Linux Subject Matter Expert; SME

Overview

REQUIRES AN ACTIVE/EXISTING TS/SCI WITH CI POLYGRAPH - NO REMOTE WORK, MUST WORK ON SITE

We are seeking an experienced Linux Subject Matter Expert (SME) to provide advanced systems engineering and operational support for Dedicated Cross Domain Infrastructure within a secure Defense Intelligence Agency (DIA) environment. This role is embedded with our Cross Domain Solutions (CDS) team and is responsible for maintaining, hardening, troubleshooting, and optimizing Linux-based systems across multiple domains and mission enclaves.

The ideal candidate will have a deep understanding of Red Hat Enterprise Linux (RHEL), system hardening (STIG), cross domain security architectures, and the accreditation processes necessary to support TS/SCI systems.

• Lead system engineering, patching, configuration, and lifecycle maintenance of RHEL/CentOS/Oracle Linux systems supporting CDS environments.
• Implement and maintain DISA STIG-compliant baselines using automation tools (e.g., Ansible, SCAP, Puppet).
• Collaborate with CDS engineers, Information Assurance personnel, and enclave leads to meet ATO/RMF compliance.
• Troubleshoot kernel-level issues, performance bottlenecks, and cross-domain interface stability.
• Provide SME-level support for SE Linux, LDAP/Kerberos, and auditing solutions (e.g., syslog, Splunk forwarders).
• Manage OS provisioning, virtual infrastructure (e.g., VMware or KVM), and baseline image creation for cross-domain enclaves.
• Assist with developing and maintaining infrastructure-as-code configurations and custom scripts (Bash, Python).
• Serve as Tier III escalation for complex OS issues affecting CDS reliability or availability.
• Support enclave isolation and guard-side interface requirements under strict security policies.
• Document engineering decisions, operational procedures, and system configurations for cross-team knowledge sharing and accreditation packages.

• U.S. Citizen with active TS/SCI clearance and CI Polygraph (or ability to obtain).
• 8+ years of experience administering Linux systems in a secure, mission-critical environment.
• 3+ years supporting cross-domain or multi-enclave environments (CDS, Garrison, SMART.NeXT, CDSSF).
• Advanced knowledge of RHEL 7/8/9, including system hardening and kernel-level tuning.
• Experience with automation frameworks and scripting languages (Ansible, Bash, Python).
• Familiarity with RMF/ATO processes and audit log management.
• Strong understanding of networking (TCP/IP, firewalls, VLANs, DNS) as it relates to Linux systems.

• DoD 8570 IAT Level II or III certification (Security+ CE, CASP+, CISSP).
• Red Hat Certified Engineer (RHCE) or similar Linux certification.
• Familiarity with CDS guard technologies (Radiant Mercury, Data Diode, Garrison, etc.).
• Experience with hypervisors and virtual infrastructure supporting isolated environments.
• Knowledge of Zero Trust, enclave segmentation, and compartmentalized architectures.