Senior System Admin with expertise in Security & Compliance Hardening

Job Title:- Senior Systems Administrator with expertise in Security & Compliance Hardening

Location:- Westminster, CO (Hybrid)

W2

Job Overview

• We are seeking a Senior Systems Administrator with expertise in Security & Compliance Hardening to assist with the implementation of CIS Hardening and CMMC controls across AWS-hosted RHEL8, RHEL9, and Rocky9 implementations.
• This contract role centers on designing, building, and maintaining hardened AMIs that meet the rigorous security and compliance demands of government and defense-related workloads.
• The ideal candidate brings deep Linux administration expertise, cloud security experience, and a practical understanding of compliance automation and secure system design.
• You will be responsible for implementing system-level controls aligned with CIS Benchmarks, mapping those controls to CMMC Level 2 practices, and ensuring continuous enforcement using automated tools such as Ansible and Jenkins.
• This includes managing AWS security services, performing regular compliance audits, and integrating hardened configurations into infrastructure-as-code pipelines.
• A strong understanding of Linux security internals, cloud security posture, and federal compliance frameworks is critical.
• This role requires hands-on execution, proactive security leadership, and the ability to align technical controls with broader compliance objectives in support of CMMC readiness and sustainment.

Key Responsibilities

Security Hardening & Compliance Implementation

• Implement CIS Benchmarks for RHEL8, RHEL9, and Rocky9 and align configurations with CMMC and NIST 800-171 controls.
• Build, test, and deploy hardened AMIs in AWS using EC2 Image Builder or custom Packer pipelines.
• Apply and validate Linux system configurations for CMMC Level 2 alignment.
• Conduct regular assessments using Trivy and CIS Benchmarks remediating non-compliant settings.
• Automate enforcement of least privilege access, secure boot settings, kernel parameters, file system controls, and log integrity.

CMMC Compliance Integration

• Map technical controls to CMMC practices
• Maintain and document evidence of system-level compliance to support CMMC audits and assessments.
• Collaborate with compliance officers and ISSOs to close gaps between CIS/NIST and CMMC requirements.
• Integrate compliance automation into deployment pipelines to ensure ongoing CMMC alignment.

AWS Security & Cloud Compliance

• Leverage AWS native security services (IAM, Config, Systems Manager, CloudTrail) for secure provisioning and monitoring.
• Tag and track hardened AMIs for use in CMMC-scoped enclaves.
• Implement security monitoring and incident response triggers for cloud-based Linux systems.
• Ensure encryption, audit logging, and identity management are compliant with federal security standards.

Automation & Infrastructure as Code

• Automate CIS and CMMC control implementation using Ansible, cloud-init, and shell scripting.
• Create and maintain playbooks and scripts for secure provisioning and compliance remediation.
• Use AWS SSM and Run Command to enforce security baselines.
• Support infrastructure-as-code adoption for consistent and auditable system builds.

Auditing, Monitoring & Reporting

• Conduct routine compliance scans and generate CMMC-aligned evidence artifacts.
• Integrate Linux logs and compliance telemetry with SIEM platforms (Exabeam).
• Develop custom dashboards and exportable reports that meet audit and POA&M documentation requirements.

Collaboration & Documentation

• Work closely with IT Security, Cyber, and Compliance teams to define and enforce system security policies.
• Maintain up-to-date documentation for all hardened images, security baselines, and remediation workflows.
• Assist in training and knowledge transfer to operational teams responsible for secure environments.

Must Have

• 5+ years of experience in Linux System Administration and Automation
• Deep understanding of security compliance frameworks (NIST 800-171, CIS benchmarks)
• Excellent communication skills (documentation, reporting, and collaboration)
• Experience using Git as a source code repository for automation
• Experience with Ansible for security automation, system provisioning, and configuration management
• Hands-on experience implementing CIS Hardening for Linux & Windows Systems
• Strong problem-solving skills and ability to lead system upgrades independently

Nice To Have

• Experience using AWS EC2 Image Builder
• Experience with Ansible Automation Platform
• Experience with Kubernetes and EKS
• Experience with Ubuntu operating systems
• Experience writing and maintaining Jenkins pipelines
• Expertise in IAM solutions, including Okta, Entra ID, AWS IAM, and Active Directory

Sr. IT Technical Recruiter

Phone:-
Email:

Gtalk:

Linkedin id:-