Job Description
Job Description
About NDi:
Network Designs, Inc. (NDi) is a leading Federal contractor that specializes in designing, developing, and delivering information technology and network solutions for government customers. Founded in 1985, NDi's firmly defined core values have driven all aspects of the business, which have been paramount to our company's success and the establishment of an enjoyable workplace atmosphere. At NDi, we believe that our people are the cornerstone of our success, and we value collaboration, career growth, and winning ideas. Military Veterans Encouraged to Apply.
Job Description:
We're seeking a hands-on DLP & Privileged Access Engineer to design, implement, and maintain enterprise Data Loss Prevention and endpoint privilege management controls. You'll lead configuration of Microsoft Purview DLP, CyberArk Endpoint Privilege Manager (EPM), and Phosphorous compliance solutions, automating deployments and integrating with CI/CD pipelines.
Requirements:
- U.S. Citizenship is required
- Must be able to obtain a Public Trust clearance.
- This position is remote with occasional travel to DC, MD, VA, WV, NJ, and OK.
Qualifications and Experience:
- Bachelor's degree in Computer Science, Cybersecurity, Information Systems, Engineering, or related IT field.
- 2+ years of hands-on experience with automation and CI/CD for security/configuration tools.
- Proven expertise in Microsoft Purview DLP and label-based protection.
- Experience deploying and managing CyberArk Endpoint Privilege Manager.
- Familiarity with Phosphorous compliance automation or similar assessment platforms.
- Strong scripting skills (PowerShell, Python) and Infrastructure-as-Code practices.
- Excellent troubleshooting, documentation, and communication skills.
Preferred Qualifications:
- In-depth understanding of the Continuous Diagnostics and Mitigation (CDM) program and its phases (vulnerability management, configuration management, identity and access management, and incident response).
- Proficiency in Zero Trust principles, including micro-segmentation, least-privilege access, and continuous verification of users, devices, and services.
- Expertise in the NIST Risk Management Framework (RMF) (SP 800-37/SP 800-53), from categorization through monitoring and continuous authorization.
- Familiarity with the Cybersecurity Assessment and Secure Mission (CASM) model for evaluating control effectiveness and mission impact.
- Knowledge of Federal Information Security Modernization Act (FISMA) requirements and annual reporting processes.
- Experience applying FedRAMP security controls for cloud service providers and managing authorization packages (SSP, SAR, POA&M).
- Understanding of DISA STIG and SCAP standards for system hardening and automated compliance checking.
- Ability to map organizational controls to CISA CDM dashboard metrics and drive dashboard data .
Responsibilities:
- Configure and tune Microsoft Purview DLP policies to detect and prevent sensitive data exfiltration.
- Design and implement sensitivity label taxonomies and RMS protection for email, files, and SharePoint content.
- Automate Purview record-management workflows and data-classification scans; troubleshoot connector and scanning issues.
- Deploy and maintain CyberArk EPM agents; define least-privilege policies, application allow-lists, and Just-in-Time elevation workflows.
- Implement Phosphorous assessment frameworks; automate evidence collection and reporting for compliance controls.
- Develop Infrastructure-as-Code modules and scripts (PowerShell, Python, Ansible) to deploy and configure DLP, EPM, and Phosphorous components.
- Integrate security tool deployments into CI/CD pipelines (e.g., Jenkins, Azure DevOps).
- Build dashboards and alerts for DLP incidents, EPM events, and compliance exceptions; triage incidents and coordinate remediation.
- Author runbooks, technical guides, and maintain version control of all automation artifacts
Required tools and technologies:
Microsoft Purview DLP · CyberArk EPM · Phosphorous · Splunk · Ansible · Terraform · PowerShell · Python · Jenkins · ServiceNow · DevOps best practices.
Compensation and Benefits:
At NDi, we value our team and are committed to retaining top talent by offering competitive benefits and compensation packages. Our employee benefits package includes comprehensive health, dental, vision, pet, and legal insurance. Our corporate benefits include 401(k) retirement matching, paid leave, paid holidays, and health and wellness programs. In addition, we provide employer-paid life and disability insurance, professional development, education benefits, and much more to ensure our team has the resources they need to thrive on and off the job.
Veterans First Commitment:
As a Service-Disabled Veteran-Owned Small Business (SDVOSB), NDi is dedicated to hiring veterans and providing a supportive work environment that honors their service while recognizing the unique skills and experiences they bring to our organization.
Commitment to Diversity:
NDi is an Equal Opportunity Employer. We are committed to creating a diverse environment and are proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, veteran or military status, citizenship, national origin, or any other basis prohibited by law in all phases of the employment process and compliance with applicable federal, state, and local laws and regulations. As a federal government contractor, NDi complies with all applicable affirmative action requirements.
Apply Now: Take advantage of this unique opportunity to join one of the fastest-growing companies in Federal contracting!