Senior Systems Administrator - Linux, Security & Compliance (CIS Hardening & CMMC)
Westminster, Colorado
6+Months
Overview:
We are seeking a Senior Systems Administrator with deep expertise in Linux security hardening and compliance automation to support the implementation of CIS Benchmarks and CMMC Level 2 controls across AWS-hosted environments. This contract role focuses on securing RHEL 8, RHEL 9, and Rocky 9 systems used in government and defense workloads by designing, building, and maintaining hardened AMIs and automating compliance processes.
The ideal candidate brings hands-on experience with Ansible, Jenkins, AWS security services, and a strong understanding of federal compliance frameworks such as CMMC, NIST 800-171, and CIS Benchmarks.
Key Responsibilities:
- Security Hardening & Compliance Implementation
- Implement CIS Benchmarks on RHEL8, RHEL9, and Rocky9.
- Build, test, and deploy hardened AMIs using EC2 Image Builder or Packer.
- Configure systems for CMMC Level 2 alignment and remediate findings.
- Automate system-level controls (e.g., kernel parameters, secure boot, least privilege).
- Perform regular compliance assessments using tools like Trivy.
- CMMC Compliance Integration
- Map CIS/NIST controls to CMMC Level 2 practices.
- Document compliance evidence and support audit readiness.
- Collaborate with ISSOs and compliance teams to close control gaps.
- Integrate compliance enforcement into CI/CD pipelines.
- AWS Security & Cloud Compliance
- Utilize AWS security services (IAM, SSM, Config, CloudTrail) for secure provisioning and monitoring.
- Track hardened AMIs within CMMC-scoped environments.
- Implement audit logging, encryption, and cloud-native incident response triggers.
- Automation & Infrastructure as Code
- Automate security controls using Ansible, shell scripts, and cloud-init.
- Develop and maintain secure provisioning playbooks.
- Use AWS SSM and Run Command to enforce configurations.
- Support infrastructure-as-code standards for repeatable builds.
- Auditing, Monitoring & Reporting
- Conduct compliance scans and produce audit-ready evidence.
- Integrate security telemetry with SIEM platforms (e.g., Exabeam).
- Create dashboards and reports aligned with POA&M and audit requirements.
- Collaboration & Documentation
- Partner with IT security, cyber, and compliance teams to define and enforce policies.
- Maintain documentation for hardened AMIs, baselines, and remediation.
- Assist in knowledge transfer and operational training.
Required Skills & Experience:
- 5+ years of Linux administration experience (RHEL8/9, Rocky9).
- Expertise in CIS Benchmarks, CMMC Level 2, and NIST 800-171.
- Hands-on experience with Ansible, shell scripting, and CI/CD tools (e.g., Jenkins).
- Familiarity with AWS native security services and EC2 image lifecycle.
- Experience performing compliance audits and building evidence artifacts.
- Strong understanding of Linux security internals and cloud security posture.
Preferred Qualifications:
- Experience supporting federal, DoD, or defense contractor environments.
- Familiarity with tools like Trivy, OpenSCAP, or SCAP Security Guide.
- Knowledge of SIEM platforms (e.g., Exabeam) and logging integrations.