Required Skills & Experience- Core Technical & Architectural Skills
- Strong background in cyber systems engineering and solution architecture.
- Experience designing secure hybrid-cloud and enclave-based architectures.
- Hands-on expertise with Windows Server, Active Directory, and Linux systems.
- Deep understanding of enterprise networking (VLANs, trunking, routing, firewalls, DNS/DHCP).
- Experience deploying solutions in virtualized environments (VMware ESXi, KVM, Hyper-V).
Cyber Defense & Tooling- Experience integrating security platforms with SIEM, SOAR, and EDR tooling.
- Strong understanding of attack lifecycle, lateral movement, and identity-based threats.
- Ability to analyze and interpret forensic artifacts, logs, PCAPs, and incident telemetry.
- Automation, DevSecOps & Compliance
- Experience with automation pipelines, configuration management, and secure baselines.
- Familiarity with RMF, STIGs, ACAS/Nessus, eMASS, and Zero Trust Architecture.
- Ability to translate compliance requirements into practical engineering actions.
Technologies & PlatformsSecurity & Deception- Splunk Enterprise, Splunk Phantom, ELK (Elastic)
- Cortex XSOAR
- CrowdStrike Falcon, Microsoft Defender for Endpoint
Infrastructure & Platforms- VMware ESXi
- Kubernetes (RKE2 or equivalent)
- AWS and Azure GovCloud (IL4-IL6)
- Operating Systems & Tooling
- Windows Server, Windows 10/11
- Red Hat / Linux
- Ansible, CI/CD pipelines
- NGINX, SQL/MariaDB
Desired Qualifications (Strongly Preferred)- 8+ years supporting U.S. Navy, Marine Corps, or DoD cyber environments.
- Experience with CANES, NIWC PAC and/or LANT, NCDOC, or Navy cyber labs.
- Proven ability to support presales engineering, SOW development, and POC execution.
- Recognized as a trusted technical advisor to government stakeholders.
- Demonstrated experience delivering technical training and mentoring engineers.
- Acalvio ShadowPlex (ADC, sensors, decoys, identity deception)
Certifications- CISSP (preferred)
- AWS Cloud Practitioner or equivalent
- CompTIA Security+ / Linux+
- Cisco CCNA or equivalent networking certification
Clearance RequirementsPreferred locations: San Diego, CA (NIWC PAC)Certain states and localities require employers to post a reasonable estimate of salary range. A reasonable estimate of the current base pay range for this position is $185,000.00 to $200,000.00 annually. Actual salary will be based on a variety of factors, including shift, location, experience, skill set, performance, licensure and certification, and business needs. The range for this position in other geographic locations may differ. Certain positions may also be eligible for variable incentive compensation, such as bonuses or commissions, that is not included in the base pay.
The well-being of WWT employees is essential. So, when it comes to our benefits package, WWT has one of the best. We offer the following benefits to all full-time employees:
- Health and Wellbeing: Health, Dental, and Vision Care, Onsite Health Centers, Employee Assistance Program, Wellness program
- Financial Benefits: Competitive pay, Profit Sharing, 401k Plan with Company Matching, Life and Disability Insurance, Tuition Reimbursement
- Paid Time Off: PTO and Sick Leave (starting at 20 days per year) & Holidays (10 per year), Parental Leave, Military Leave, Bereavement
- Additional Perks: Nursing Mothers Benefits, Voluntary Legal, Pet Insurance, Employee Discount Program
#LI-AH1
#clearancejobs
This is a full-time direct hire position and you must currently have an active TS/SCI Security Clearance or above. We are not able to offer visa sponsorship, 1099 status, or work with C2C for this role.Location: San Diego, CAWhat will you be doing?WWT is seeking a Cyber Systems Engineer that will serve as a senior technical lead supporting the design, deployment, integration, and validation of cyber deception and threat detection technologies for a U.S. Navy Cyber Defense pilot. This role blends hands-on engineering, solution architecture, and trusted-advisor responsibilities, supporting phased pilot execution while shaping production-ready architectures aligned to Navy modernization and Defensive Cybersecurity Operations (DCO).
The engineer will work directly with Navy cyber operators, architects, and leadership to translate mission requirements into secure, scalable designs, integrate deception capabilities into enterprise cyber tooling, and guide operators through testing, training, and transition to operations.
KEY RESPONSIBILITIES:Platform Deployment & Integration- Install, configure, and operate Acalvio ShadowPlex platforms (ADCs, sensors, decoys, breadcrumbs, identity artifacts).
- Design and deploy deception strategies across segmented enterprise and enclave environments.
- Validate platform stability, resilience, and performance at increasing scale.
- Support multi-VLAN, trunked, and segmented deployments across large-scale environments.
- Deploy solutions in virtualized environments (VMware ESXi, Hyper-V, KVM).
- Integrate deception telemetry into SIEM platforms (Splunk, ELK, or equivalent).
- Enable SOAR integrations (Splunk Phantom, Cortex XSOAR, etc.) for triage and response workflows.
- Integrate endpoint deception with EDR platforms (CrowdStrike Falcon, Microsoft Defender for Endpoint, etc.).
Solution Architecture & Technical Leadership- Lead technical discovery and design workshops with Navy stakeholders.
- Translate mission, security, and compliance requirements into actionable architectures and deployment models.
- Whiteboard and document solution designs spanning on-prem, enclave, and hybrid-cloud environments.
- Develop engineering diagrams, deployment patterns, and standardized runbooks supporting repeatable delivery.
DevSecOps & Automation Enablement- Apply DevSecOps and automation principles to platform deployment, configuration, and validation.
- Leverage scripting and automation frameworks to improve repeatability, compliance, and operational efficiency.
- Support containerized and virtualized environments where applicable.
Testing, Validation & Compliance Alignment- Execute acceptance test plans aligned to defined use cases and Navy success criteria.
- Perform controlled adversary simulations to validate detection fidelity and forensic capture.
- Support RMF, IATT/ATT, and compliance documentation by mapping technical outcomes to security controls.
- Ensure all activities align with DoD security governance, Zero Trust principles, and enclave constraints.
Training, Mentorship & Knowledge Transfer- Deliver hands-on operator training and technical enablement sessions.
- Support train-the-trainer models for sustained Navy operations.
- Mentor junior engineers and contribute to team technical maturity.
- Provide executive-level summaries and production readiness recommendations.
