Illumio Subject Matter Expert
The Illumio SME oversees and directs the engineering, implementation, policy configurations and maintenance for the Air Force adopted the Department of Defense (DoD) Zero Trust Architecture (ZTA). Within the AF-ZTA, Illumio products provide micro-segmentation to stop adversary lateral movement. The Illumio SME will direct and participate within an AF team of engineers and operators to produce a real-time network map needs to be created before ZTA can begin. The team will accomplish both a real-time map of the AFNET and eventually the AFNET-S, and then micro-segment the network through ring-fencing workloads or applications to prevent lateral movement. This is accomplished outside of the network architecture, since Illumio is focused on application security. The real time network map and micro-segmentation will enable the Air Force to further accomplish its mission and defend forward.
Responsibilities
- Install/reinstall/upgrade or advise on the tasks required to place the Illumio Policy Compute Engine software in an approved configuration on both the Air Force NIPR and SIPR networks
- Install/reinstall/upgrade or advise on the tasks required to place the Illumio Virtual Enforcement Node on Air Force servers at any or all locations requested by the Air Force on both the NIPR and SIPR networks
- Provide professional services to perform the above actions, advise on traffic analysis and write security rules for all applications deemed in-scope for this effort
- Provide professional services to manage the project and advise the Air Force management team
- Provide in-person Type 1, over-the-shoulder training and local tier 3 and tier 4 support
- Build Open Virtualization Appliances (OVA)
- Provide reports and metrics, and prepare and maintain project documentation
- The Illumio SME will provide guidance and assistance with any of the following tasks:
- Provide subject matter expertise on Illumio
- Deployment, troubleshooting, monitoring, and management of your Illumio deployment and product upgrades
- Installation and maintenance of the Illumio Policy Compute Engine (PCE)
- Implementation of integrations such as Syslog/SIEM and Single Sign-On
- Development of operations procedure/runbook based on Illumio best practices to perform tasks such as PCE rebuild, upgrade, backup/restore, cold standby PCE, etc.
- Development of Illumio Virtual Enforcement Node (VEN) deployment methodology using the Customer’s automation framework and applying Illumio best practices
- Assistance in technical reviews and guidance on change preparations
- Development of a labeling schema using the Customer’s metadata and applying Illumio best practice
- Authoring Illumio policy based on a customer-defined framework, including core data center services, administrative access, egress traffic, IP lists, and multi-tenant workloads
- Development of Illumio-specific API scripts to optimize services
Qualifications
- 4+ years of hands-on experience in network engineering and firewall management
- 4+ years of experience with cloud networking and virtualization technologies (e.g.,VMware)
- Expert skills to install/reinstall/upgrade or advise on the tasks required to place the Illumio Policy Compute Engine and Virtual Enforcement Nodes
- Subject matter expert on Illumio micro-segmentation to provide consulting to customer throughout integration into its service set.
- Expert skills in required to develop Illumio labeling and policy design
Education:
- Bachelor’s degree in related technical discipline, or MIS related field is preferred but not mandatory.
Certifications:
- Illumio Core Expert or Illumio Core Specialist
- IAT Level 2 Certification or higher
- CompTia Network + CE
Desired Certifications:
- CCNA or equivalent
Clearance:
- Minimum of an active DoD Secret required or the ability to obtain an interim Secret clearance.
- Ability to upgrade to Top Secret clearance preferred if required
SMS is a dynamic systems integrator established in 1976, delivering talented teams and innovative, cost-effective solutions and services to support our customers’ missions for more than 47 years. Our ability to hire and retain quality people in a rapidly evolving IT market is proven through our employee retention rate averaging over 3 years. At SMS, we place a high value on quality of service, customer satisfaction, and best-of-breed policies and practices, resulting in CMMI Level 3 certification and ISO registrations including 9001:2015, 20000-1:2018, and ISO/IEC 27001:2013. SMS is headquartered in McLean, Virginia, with offices and on-site operations at customer locations throughout the United States.
SMS is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.