System Administrator II

Alternative Experts LLC

$150K — $165K *
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • 5+ years of system administration experience in classified or secure DoD/IC environments.
  • Deep hands-on Linux proficiency across RHEL, Rocky Linux, and/or CentOS.
  • Demonstrated experience with DISA STIGs and SCAP compliance scanning.
  • Working knowledge of NIST SP 800-53 controls and RMF process.
  • Hands-on STE/STN installation, configuration, and support experience.
  • Solid understanding of PKI/TLS/cryptographic standards including DoD PKI and FIPS enforcement.
  • Strong IP networking fundamentals and host-based firewall management.
  • Experience with container platforms (Docker, Podman, Kubernetes, or OpenShift).
  • Experience with virtualization platforms (VMware vSphere, KVM/QEMU).
  • Storage management experience with NAS, SAN, LVM, and/or distributed storage.

Responsibilities

  • Administer, configure, harden, and maintain Linux server environments.
  • Apply and maintain DISA STIG configurations and remediate findings.
  • Manage system performance tuning, patch management, and OS lifecycle operations.
  • Support ongoing System Security Plan (SSP) development and compliance activities.
  • Conduct and document Risk Management Framework (RMF) activities.
  • Install, configure, and maintain Secure Telephone Equipment (STE) and STN infrastructure.
  • Manage DoD PKI operations including certificate issuance and trust store management.
  • Deploy, operate, and maintain containerized workloads and Kubernetes clusters.
  • Administer VMware environments and coordinate capacity planning.
  • Configure host-based firewalls and troubleshoot networking issues.

Benefits

  • Opportunity to work in a high-security environment at Fort Meade, MD.
  • Exposure to cutting-edge technologies in Linux and cybersecurity.
  • Be part of a mission-critical program within the Intelligence Community.
  • Professional development opportunities in advanced infrastructure management.
  • Comprehensive training on compliance and security standards.
Full Job Description
Job Type

Full-time

Description

ALEX is seeking an experienced Linux-focused System Administrator (Level 2) to support a mission-critical program within the Intelligence Community at Fort Meade, MD. This is an on-site position in a Sensitive Compartmented Information Facility (SCIF) environment. The successful candidate will be responsible for the day-to-day administration, security compliance, and operational health of complex Linux-based infrastructure spanning virtualized environments, container platforms, and classified networked systems.

The SA Level 2 operates with a high degree of independence and serves as a technical authority on Linux systems engineering, PKI/cryptographic policy enforcement, storage management, IP networking, and security compliance. This role carries significant responsibility for System Security Plan (SSP) maintenance, STIG implementation, and supporting Secure Telephone Equipment/Network (STE/STN) infrastructure within a heavily regulated RMF/NIST framework.

Key Responsibilities

Linux Systems Administration
  • Administer, configure, harden, and maintain Red Hat Enterprise Linux (RHEL), Rocky Linux, and/or CentOS Stream server environments.
  • Apply and maintain DISA STIG configurations using OpenSCAP and other SCAP-compliant tooling; remediate findings from automated scans.
  • Manage system performance tuning, patch management (yum/dnf), software package management, and OS lifecycle operations.
  • Configure and manage system services, daemons, scheduled tasks, logging (rsyslog/journald), and audit frameworks (auditd)
  • Provide Tier 1 and Tier 2 application support and general troubleshooting across all Linux-based systems.

Compliance - SSP, RMF, and STIG
  • Support ongoing System Security Plan (SSP) development, maintenance, and compliance activities in accordance with NIST SP 800-53 Rev 5 controls.
  • Conduct and document Risk Management Framework (RMF) activities including control implementation statements, POA&M tracking, and continuous monitoring.
  • Perform and respond to vulnerability assessments; coordinate CVE remediation and ensure timely patching.
  • Maintain system authorization boundaries, support A&A activities, and coordinate with the ISSO/ISSM.
  • Enforce DoD crypto policies including FIPS 140-2/140-3 mode configuration.

STE/STN Support
  • Install, configure, and maintain Secure Telephone Equipment (STE) and Secure Telephone Network (STN) infrastructure.
  • Coordinate STE/STN provisioning, moves, adds, and changes (MACs) with communications and security personnel.
  • Troubleshoot STE/STN connectivity and interoperability issues.
  • Maintain accurate inventory and documentation for all STE/STN endpoints.

PKI, TLS, and Cryptographic Management
  • Manage DoD PKI operations including certificate issuance, renewal, revocation, and trust store management.
  • Configure and maintain TLS/SSL for system services and applications.
  • Administer hardware security modules (HSMs) and software-based key management systems where deployed.
  • Apply and enforce system crypto policies to ensure FIPS compliance across all managed systems.

Containers and Cloud Environments
  • Deploy, operate, and maintain containerized workloads using Docker and/or Podman.
  • Administer Kubernetes or OpenShift container orchestration clusters within classified/air-gapped environments.
  • Manage container image pipelines including base image hardening, vulnerability scanning, and approved image registries.
  • Support lifecycle management of containerized applications.

Virtualization
  • Administer VMware vSphere/vCenter environments including ESXi host management.
  • Manage KVM/QEMU-based virtual environments on Linux hosts.
  • Coordinate capacity planning and resource optimization across virtualized infrastructure.

Storage Management
  • Administer NAS and SAN systems; manage LUN provisioning, zoning, and multipath I/O.
  • Operate and maintain Ceph distributed storage clusters.
  • Configure and manage LVM, RAID arrays, and filesystem operations.
  • Implement and verify data-at-rest encryption requirements.

IP Networking and Firewall Management
  • Configure and manage host-based firewalls (firewalld, iptables/nftables) on Linux systems.
  • Configure and manage host-based firewalls (firewalld, iptables/nftables) on Linux systems.
  • Troubleshoot TCP/IP networking issues including routing, DNS, DHCP, VLAN segmentation.
  • Interface with network engineers on firewall rule changes and ACLs.


Requirements

Required Skills and Qualifications:
  • Deep hands-on Linux proficiency across RHEL, Rocky Linux, and/or CentOS
  • Demonstrated experience with DISA STIGs and SCAP compliance scanning
  • Working knowledge of NIST SP 800-53 controls and RMF process
  • Experience with SSP development and A&A/ATO activities
  • Hands-on STE/STN installation, configuration, and support experience
  • Solid understanding of PKI/TLS/cryptographic standards including DoD PKI and FIPS enforcement
  • Strong IP networking fundamentals and host-based firewall management
  • Experience with container platforms (Docker, Podman, Kubernetes, or OpenShift)
  • Experience with virtualization platforms (VMware vSphere, KVM/QEMU)
  • Storage management experience with NAS, SAN, LVM, and/or distributed storage
  • DoD 8140 IAT Level II compliance (Security+, CASP+, or equivalent)

Desired Skills
  • Experience with Ansible, Puppet, SaltStack, or Chef
  • Proficiency in Bash and Python scripting
  • OpenShift Container Platform experience in classified deployments
  • Experience with cross-domain solutions (CDS)
  • Familiarity with DoD cloud environments (AWS GovCloud, C2S)
  • Red Hat RHCSA or RHCE certification

Experience
  • 5+ years of system administration experience in classified or secure DoD/IC environments.

Education
  • Bachelor's degree in Information Technology, Computer Science, Cybersecurity, or related field. Equivalent experience may be substituted.


Similar Jobs

More Jobs at Alternative Experts LLC

  • Network Engineer III
    $195K — $205K *
    Fort George G Meade, MD 20755 (Anne Arundel County)
    Aerospace & Defense
    In-Person
  • System Administrator II
    $150K — $165K *
    Fort George G Meade, MD 20755 (Anne Arundel County)
    Information Technology
    In-Person
  • DevOps Engineer
    $175K — $195K *
    Fort George G Meade, MD 20755 (Anne Arundel County)
    Technical Services
    In-Person
  • Agile Developer
    $155K — $170K *
    Fort George G Meade, MD 20755 (Anne Arundel County)
    Aerospace & Defense
    In-Person

More Information Technology Jobs

Find similar System Administrator II jobs: