Principal Federal Solution Architect
*Remote Position but ideally looking for someone in the DMV area.
Principal Federal Solution Architect - Zero Trust, Automation & Identity
The Senior Solutions Architect is the senior technical authority responsible for the design, integration, automation, and operational success of AppGate's Zero Trust Network Access (ZTNA) platform across U.S. Federal and DoD environments.
This role requires deep, hands-on engineering expertise, not abstract or presentation-level knowledge. The successful candidate must be capable of operating systems, writing and reviewing code, debugging live integrations, and troubleshooting failures at the protocol, OS, and application level. This role is intended for practitioners who build, integrate, and operate secure access systems in real-world Federal environments.
Responsibilities
Serve as final escalation point for the most complex Federal deployments
Lead deep technical architecture reviews with government and integrator teams
Mentor senior Solution Architects and engineers
Influence product direction related to automation, integration, and operability
Ability to work extended hours or flexible schedules as needed to meet customer needs, deadlines, and escalations
This role may require more than 40 hours per week
Travel Requirements
Flexibility and ability to travel to meet project and customer needs
Travel requirements will vary depending on the project and may exceed 50 percent
Technical Depth Expectations
For every domain listed, candidates are expected to demonstrate operational competence, including the ability to:
Configure and operate systems directly
Debug failures using logs, shell access, packet captures, and code inspection
Write and modify scripts or automation to solve real problems
Explain system behavior based on implementation, not abstraction
Design and architect systems aligned with customer requirements for Appgate ZTNA
Integrate Appgate ZTNA with third party systems and sources of trust or risk telemetry, including identity providers such as SAML, OIDC, RADIUS, LDAP, NGFWs, entitlement automation systems, SIEM, SOAR, ITSM, and others
Provide detailed documentation and effective information handoff
This role requires engineers who actively operate systems, write scripts, debug APIs, and analyze packet captures. Candidates whose experience is limited to diagrams, presentations, or vendor marketing materials will not be successful.
Core Responsibilities and Required Expertise
Linux Systems and Access Enforcement Platforms
Serve as a technical authority for Linux-based Zero Trust enforcement infrastructure
Operate and manage systems via SSH, including secure key-based access and privilege separation
Demonstrate deep hands-on knowledge of Bash scripting, process management, systemd, filesystem layout, permissions, and logging
Strong understanding of Linux networking internals including routing tables, policy routing, interface binding, traffic steering, and iptables or nftables
Diagnose complex cross-platform issues involving Linux, Windows, and macOS systems
JavaScript and REST API Integration
Develop and maintain JavaScript-based logic for integration and automation
Build and troubleshoot REST API integrations with systems such as Microsoft Graph and ServiceNow
Strong understanding of REST APIs, JSON data models, and authentication methods including OAuth, tokens, and certificates
Experience working in API-first and security-as-code environments
Containers and Kubernetes
Architect Zero Trust access for containerized and microservices-based workloads
Support Kubernetes environments including networking, service exposure, and service-to-service access
Ensure solutions scale across on-premises and cloud environments
Automation and Infrastructure as Code
Design and implement Infrastructure as Code using Terraform
Implement Configuration as Code and GitOps workflows
Integrate Zero Trust solutions into CI/CD pipelines
Ensure automation is version controlled, repeatable, auditable, and API-driven
Identity and Authentication
Architect identity-centric access solutions using enterprise identity systems
Hands-on experience with Active Directory, LDAP, Kerberos, SAML, OIDC, and RADIUS
Troubleshoot DNS across Windows, macOS, and Linux platforms
Experience with PKI, certificates, and authentication flows
Cloud and Infrastructure
Experience with virtualization platforms such as VMware, ESXi, and KVM
Experience designing secure solutions in AWS GovCloud, Azure Government, and Google Cloud Platform
Understanding of networking and IAM policies
Experience with AI or machine learning security is a plus
Endpoint Scripting
Design and troubleshoot scripts for endpoint posture and access decisions
PowerShell for Windows environments
Bash for macOS and Linux environments
Ensure scripts meet Federal security requirements
Networking and Security
Strong understanding of IP networking, TCP, ARP, TLS, and encryption
Familiarity with VPNs, ZTNA, MPLS, and SD-WAN
Experience with network security tools and architectures
Ability to troubleshoot using tools such as tcpdump and Wireshark
Compliance
Support STIG compliance for Linux systems
Experience with SCAP and OpenSCAP tools
Support RMF and ATO processes
Communicate effectively with security stakeholders
Integration and Interoperability
Integrate with identity systems, security tools, and enterprise platforms
Support multi-vendor Zero Trust environments
Work with partners and integrators on joint solutions
Leadership
Serve as escalation lead for complex deployments
Lead technical discussions with stakeholders
Mentor engineers and architects
Contribute to product direction
Required Qualifications
12 or more years of experience in networking, security, systems, or automation engineering
Strong experience with Bash, PowerShell, JavaScript, Linux, and REST APIs
Experience with identity systems such as Active Directory, DNS, PKI, SAML, and OIDC
Experience supporting Federal or high-security environments
Ability to obtain or maintain a U.S. security clearance
Willingness to work flexible hours as needed
Travel
Ability to travel as required by project needs
Travel may exceed 50 percent depending on the project
*** This is a direct hire for AppGate. This position is remote though candidates who live in the DMV are ideal.
Apply Now
Principal Federal Solution Architect - Zero Trust, Automation & Identity
The Senior Solutions Architect is the senior technical authority responsible for the design, integration, automation, and operational success of AppGate's Zero Trust Network Access (ZTNA) platform across U.S. Federal and DoD environments.
This role requires deep, hands-on engineering expertise, not abstract or presentation-level knowledge. The successful candidate must be capable of operating systems, writing and reviewing code, debugging live integrations, and troubleshooting failures at the protocol, OS, and application level. This role is intended for practitioners who build, integrate, and operate secure access systems in real-world Federal environments.
Responsibilities
Serve as final escalation point for the most complex Federal deployments
Lead deep technical architecture reviews with government and integrator teams
Mentor senior Solution Architects and engineers
Influence product direction related to automation, integration, and operability
Ability to work extended hours or flexible schedules as needed to meet customer needs, deadlines, and escalations
This role may require more than 40 hours per week
Travel Requirements
Flexibility and ability to travel to meet project and customer needs
Travel requirements will vary depending on the project and may exceed 50 percent
Technical Depth Expectations
For every domain listed, candidates are expected to demonstrate operational competence, including the ability to:
Configure and operate systems directly
Debug failures using logs, shell access, packet captures, and code inspection
Write and modify scripts or automation to solve real problems
Explain system behavior based on implementation, not abstraction
Design and architect systems aligned with customer requirements for Appgate ZTNA
Integrate Appgate ZTNA with third party systems and sources of trust or risk telemetry, including identity providers such as SAML, OIDC, RADIUS, LDAP, NGFWs, entitlement automation systems, SIEM, SOAR, ITSM, and others
Provide detailed documentation and effective information handoff
This role requires engineers who actively operate systems, write scripts, debug APIs, and analyze packet captures. Candidates whose experience is limited to diagrams, presentations, or vendor marketing materials will not be successful.
Core Responsibilities and Required Expertise
Linux Systems and Access Enforcement Platforms
Serve as a technical authority for Linux-based Zero Trust enforcement infrastructure
Operate and manage systems via SSH, including secure key-based access and privilege separation
Demonstrate deep hands-on knowledge of Bash scripting, process management, systemd, filesystem layout, permissions, and logging
Strong understanding of Linux networking internals including routing tables, policy routing, interface binding, traffic steering, and iptables or nftables
Diagnose complex cross-platform issues involving Linux, Windows, and macOS systems
JavaScript and REST API Integration
Develop and maintain JavaScript-based logic for integration and automation
Build and troubleshoot REST API integrations with systems such as Microsoft Graph and ServiceNow
Strong understanding of REST APIs, JSON data models, and authentication methods including OAuth, tokens, and certificates
Experience working in API-first and security-as-code environments
Containers and Kubernetes
Architect Zero Trust access for containerized and microservices-based workloads
Support Kubernetes environments including networking, service exposure, and service-to-service access
Ensure solutions scale across on-premises and cloud environments
Automation and Infrastructure as Code
Design and implement Infrastructure as Code using Terraform
Implement Configuration as Code and GitOps workflows
Integrate Zero Trust solutions into CI/CD pipelines
Ensure automation is version controlled, repeatable, auditable, and API-driven
Identity and Authentication
Architect identity-centric access solutions using enterprise identity systems
Hands-on experience with Active Directory, LDAP, Kerberos, SAML, OIDC, and RADIUS
Troubleshoot DNS across Windows, macOS, and Linux platforms
Experience with PKI, certificates, and authentication flows
Cloud and Infrastructure
Experience with virtualization platforms such as VMware, ESXi, and KVM
Experience designing secure solutions in AWS GovCloud, Azure Government, and Google Cloud Platform
Understanding of networking and IAM policies
Experience with AI or machine learning security is a plus
Endpoint Scripting
Design and troubleshoot scripts for endpoint posture and access decisions
PowerShell for Windows environments
Bash for macOS and Linux environments
Ensure scripts meet Federal security requirements
Networking and Security
Strong understanding of IP networking, TCP, ARP, TLS, and encryption
Familiarity with VPNs, ZTNA, MPLS, and SD-WAN
Experience with network security tools and architectures
Ability to troubleshoot using tools such as tcpdump and Wireshark
Compliance
Support STIG compliance for Linux systems
Experience with SCAP and OpenSCAP tools
Support RMF and ATO processes
Communicate effectively with security stakeholders
Integration and Interoperability
Integrate with identity systems, security tools, and enterprise platforms
Support multi-vendor Zero Trust environments
Work with partners and integrators on joint solutions
Leadership
Serve as escalation lead for complex deployments
Lead technical discussions with stakeholders
Mentor engineers and architects
Contribute to product direction
Required Qualifications
12 or more years of experience in networking, security, systems, or automation engineering
Strong experience with Bash, PowerShell, JavaScript, Linux, and REST APIs
Experience with identity systems such as Active Directory, DNS, PKI, SAML, and OIDC
Experience supporting Federal or high-security environments
Ability to obtain or maintain a U.S. security clearance
Willingness to work flexible hours as needed
Travel
Ability to travel as required by project needs
Travel may exceed 50 percent depending on the project
*** This is a direct hire for AppGate. This position is remote though candidates who live in the DMV are ideal.
Apply Now