Job Description
Location:
Fort Meade, MD Clearance Required:
Top Secret/SCI with Active Full Scope Polygraph We are seeking an experienced Linux-focused System Administrator (Level 2) to support a mission-critical program within the Intelligence Community at Fort Meade, MD. This is an on-site position in a Sensitive Compartmented Information Facility (SCIF) environment requiring a TS/SCI clearance with an active Full Scope Polygraph prior to consideration. The successful candidate will be responsible for the day-to-day administration, security compliance, and operational health of complex Linux-based infrastructure spanning virtualized environments, container platforms, and classified networked systems. The SA Level 2 operates with a high degree of independence and serves as a technical authority on Linux systems engineering, PKI/cryptographic policy enforcement, storage management, IP networking, and security compliance. This role carries significant responsibility for System Security Plan (SSP) maintenance, STIG implementation, and supporting Secure Telephone Equipment/Network (STE/STN) infrastructure within a heavily regulated RMF/NIST
framework. Key Responsibilities:
Linux Systems Administration Administer, configure, harden, and maintain Red Hat Enterprise Linux (RHEL), Rocky Linux, and/or CentOS Stream server environments Apply and maintain DISA STIG
configurations using OpenSCAP and other SCAP-compliant tooling; remediate findings from automated scans Manage system performance tuning, patch management (yum/dnf), software package management, and OS lifecycle operations Configure and manage system services, daemons, scheduled tasks, logging (rsyslog/journald), and audit frameworks (auditd) Provide Tier 1 and Tier 2 application support and general troubleshooting across all Linux-based systems Security Compliance - SSP, RMF, and STIG Support ongoing System Security Plan (SSP) development, maintenance, and compliance activities in accordance with NIST SP 800-53
Rev 5 controls Conduct and document Risk Management Framework (RMF) activities including control implementation statements, POA&M tracking, and continuous monitoring Perform and respond to vulnerability assessments; coordinate CVE remediation and ensure timely patching Maintain system authorization boundaries, support A&A activities, and coordinate with the ISSO/ISSM
Enforce DoD crypto policies including FIPS 140-2/140-3
mode configuration STE/STN Support Install, configure, and maintain Secure Telephone Equipment (STE) and Secure Telephone Network (STN) infrastructure Coordinate STE/STN provisioning, moves, adds, and changes (MACs) with communications and security personnel Troubleshoot STE/STN connectivity and interoperability issues Maintain accurate inventory and documentation for all STE/STN endpoints PKI, TLS, and Cryptographic Management Manage DoD PKI operations including certificate issuance, renewal, revocation, and trust store management Configure and maintain TLS/SSL for system services and applications Administer hardware security modules (HSMs) and software-based key management systems where deployed Apply and enforce system crypto policies to ensure FIPS compliance across all managed systems Containers and Cloud Environments Deploy, operate, and maintain containerized workloads using Docker and/or Podman Administer Kubernetes or OpenShift container orchestration clusters within classified/air-gapped environments Manage container image pipelines including base image hardening, vulnerability scanning, and approved image registries Support lifecycle management of containerized applications Virtualization Administer VMware vSphere/vCenter environments including ESXi host management Manage KVM/QEMU-based virtual environments on Linux hosts Coordinate capacity planning and resource optimization across virtualized infrastructure Storage Management Administer NAS and SAN systems; manage LUN provisioning, zoning, and multipath I/O Operate and maintain Ceph distributed storage clusters Configure and manage LVM, RAID
arrays, and filesystem operations Implement and verify data-at-rest encryption requirements IP Networking and Firewall Management Configure and manage host-based firewalls (firewalld, iptables/nftables) on Linux systems Troubleshoot TCP/IP networking issues including routing, DNS, DHCP, VLAN segmentation Interface with network engineers on firewall rule changes and ACLs Qualifications:
Education:
Bachelor's degree in Information Technology, Computer Science, Cybersecurity, or related field. Equivalent experience may be substituted. Experience:
5+ years of system administration experience in classified or secure DoD/IC environments. Additional Required Qualifications:
Active TS/SCI clearance with Full Scope Polygraph - must be active prior to start Deep hands-on Linux proficiency across RHEL, Rocky Linux, and/or CentOS Demonstrated experience with DISA STIGs and SCAP compliance scanning Working knowledge of NIST SP 800-53
controls and RMF process Experience with SSP development and A&A/ATO activities Hands-on STE/STN installation, configuration, and support experience Solid understanding of PKI/TLS/cryptographic standards including DoD PKI and FIPS enforcement Strong IP networking fundamentals and host-based firewall management Experience with container platforms (Docker, Podman, Kubernetes, or OpenShift) Experience with virtualization platforms (VMware vSphere, KVM/QEMU) Storage management experience with NAS, SAN, LVM, and/or distributed storage DoD 8140 IAT Level II compliance (Security+, CASP+, or equivalent) Desired Skills Experience with Ansible, Puppet, SaltStack, or Chef Proficiency in Bash and Python scripting OpenShift Container Platform experience in classified deployments Experience with cross-domain solutions (CDS) Familiarity with DoD cloud environments (AWS GovCloud, C2S) Red Hat RHCSA or RHCE certification Your recruiter will be happy to walk you through your U.S.-specific benefits, which include: Healthcare Coverage:
Comprehensive medical, dental, and vision plans. Time Off and Leave Policies:
Generous paid time off (PTO), paid company holidays, generous parental and family leave. Protective Insurances:
Life insurance, short- and long-term disability coverage, and accident protection. Compensation and Rewards:
Competitive salary structures, performance-based incentives, and merit-based compensation reviews. Retirement Plans:
401(k) plans with company matching. Please note that benefits may vary by region, department and role. We encourage you to speak with your recruiter to learn more about the specific benefits available for your position. About Kroll Join the global leader in risk and financial advisory solutions—Kroll. With a nearly century-long legacy, we blend trusted expertise with cutting-edge technology to navigate and redefine industry complexities. As a part of One Team, One Kroll, you'll contribute to a collaborative and empowering environment, propelling your career to new heights. Ready to build, protect, restore and maximize our clients' value? Your journey begins with Kroll. In order to be considered for a position, you must formally apply via careers.kroll.com. We are proud to be an equal opportunity employer and will consider all qualified applicants regardless of gender, gender identity, race, religion, color, nationality, ethnic origin, sexual orientation, marital status, veteran status, age or disability. The current salary range for this position is $100,000 to $150,000 #LI-CN1
