You are a senior Inline Encryption and Crypto Engineer with deep experience implementing, integrating, and sustaining Type 1 encryption solutions for enterprise networks, classified enclaves, and mission communications environments. You understand A-side/B-side inline encryption models, red/black separation, encryption boundary design, COMSEC-controlled environments, keying dependencies, management paths, failover behavior, and the practical realities of deploying encryption across multiple transport layers. You are adaptable and comfortable working across and coordinating closely across technical teams and individual contributors. You have a mission focus and take pride in building systems the right way and supporting them end-to-end. Position Overview: VT-ARC is seeking a Senior to Staff level Inline Encryption / Crypto Engineer to support enterprise encryption engineering, Type 1 inline encryption integration, crypto modernization, and secure transport implementation for mission-critical programs within TS/SCI environments. This role is focused on crypto engineering across the full implementation lifecycle, from requirements interpretation and architecture input through detailed design, integration planning, deployment, validation, documentation, and transition to operations. The role supports global enterprise networks across multiple transport layers, including internet-connected, private transport, classified, multi-enclave, and fully air-gapped environments. The Inline Encryption / Crypto Engineer will partner with programmatic staff and technical leads to deliver secure and mission-aligned encryption capabilities. You have a mission focus and take pride in building systems the right way and supporting them end-to-end. Active Top Secret/SCI clearance is required. Duties/Responsibilities: 3 Support end-to-end inline encryption engineering activities, including architecture input, detailed design, implementation planning, integration, validation, and operational transition. 3 Design, implement, integrate, and modernize Type 1 inline encryption capabilities across global enterprise networks, classified enclaves, multi-enclave environments, and air-gapped networks. 3 Engineer A-side/B-side placements, red/black separation, crypto boundary designs, keying dependencies, management paths, high availability, and failover behavior. 3 Integrate encryption capabilities across multiple transport layers, including WAN, LAN, private transport, commercial transport, cloud interconnect, satellite, and mission communications paths. 3 Coordinate crypto engineering dependencies with COMSEC, KMI, WAN, LAN, UC, identity, cybersecurity, infrastructure, and operations teams. 3 Develop crypto implementation plans, connection diagrams, test procedures, migration runbooks, configuration records, and operational support documentation. 3 Support lab validation, proof-of-concept activities, integration events, cutovers, troubleshooting, and operational acceptance testing. 3 Ensure encryption designs and implementation activities support applicable DoD, NSA, CNSS, RMF, ATO, STIG, and program security requirements. 3 Provide technical mentoring and implementation guidance to network and mission communications teams on crypto integration dependencies and operational impacts. Required Education, Certification, Skills, Capabilities: 3 Demonstrated senior-level experience implementing or integrating inline encryption, network encryption, COMSEC-dependent transport, or secure network boundary capabilities in classified or high-assurance environments. 3 Working knowledge of Type 1 encryption concepts, A-side/B-side design, red/black separation, encrypted transport integration, crypto boundary placement, and keying dependencies. 3 Experience supporting global or multi-site enterprise networks across WAN, LAN, private transport, carrier services, classified enclaves, or air-gapped operating environments. 3 Ability to coordinate technical dependencies among COMSEC, network engineering, cybersecurity, systems engineering, operations, and mission stakeholders. 3 Strong understanding of routing, switching, segmentation, transport diversity, high availability, failover, monitoring, and troubleshooting as they relate to encryption deployments. 3 Experience supporting RMF processes, ATO documentation, STIG compliance, security controls, or equivalent cybersecurity compliance activities for network infrastructure. 3 Ability to produce clear technical documentation, diagrams, implementation guides, test procedures, and operational handoff materials. Desired Education, Certification, Skills, Capabilities: 3 Experience with NSA Type 1 inline encryptors, HAIPE environments and cross domain solutions, TACLANE or equivalent controlled cryptographic equipment. 3 Familiarity with COMSEC operations, KMI processes, key material handling dependencies, and controlled equipment lifecycle processes. 3 Professional certifications such as Security+, CISSP, SANS, INCOSE CSEP or ESEP, OCSMP (MBSE), CCNP, JNCIP, or equivalent technical credentials. 3 Experience integrating encryption with SD-WAN, MPLS, satellite, cloud interconnect, UC, and mission communications environments. 3 Experience with packet capture, crypto troubleshooting, path validation, network performance analysis, or transport failover testing. 3 Familiarity with Zero Trust principles, defense-in-depth network design, and secure enclave integration. Primary Work Location: Work is expected to be fully onsite in Arlington, VA. Special Work Conditions: Occasional travel may be required; up to 10% Security: 3 Must be a U.S. Citizen 3 Active Top Secret/SCI clearance is required Competitive Salary: VT-ARC offers a competitive salary and benefits package designed to attract and retain senior technical talent supporting mission-critical programs. Salary: $185,000-$220,000/yr., based on skills, experience, clearance, technical depth, and mission alignment.