Internet Architect

Position Summary

We are seeking Intranet Architect to design, deploy, and manage a highly secure, air-gapped internal content and knowledge management ecosystem. This role owns the full lifecycle architecture, hardening, and governance of an offline collaboration platform supporting sensitive defense-related operations. This position is based in North Carolina.

Benefits

• Medical (3 plans-Employer covered), Dental, Vision (These 2 are employee covered)
• HSA / FSA; Short/Long-term disability; PTO
• Life Insurance-Employer Covered
• Employee Assistance Program (EAP)SEP Roth Retirement Plan-Employer owned, up to 25% contribution from employer (avg. up to 20% last few yrs.)

Responsibilities

Architecture & Deployment

• Design and deploy a secure, air-gapped intranet platform (SharePoint, XWiki, Drupal, or Plone).
• Architect infrastructure within mixed Linux/Windows offline environments.
• Implement secure local AI and train on internal knowledge assets; Establish high-availability and redundancy strategies for internal networks.

Security & Compliance

• Implement Role-Based Access Control (RBAC) and integrate with LDAP/Active Directory/SAML.
• Enforce Zero Data Egress standards and harden systems (SELinux/AppArmor, firewall controls).
• Conduct security audits, vulnerability assessments, and compliance reviews.
• Eliminate external telemetry and external dependencies.

Offline Operations

• Maintain local package repositories and secure update processes.
• Deploy and manage containerized services (Docker/Podman); Maintain secure internal container registries and isolated application environments.

Governance & Documentation

• Develop architecture documentation, configuration baselines, and operational playbooks.
• Support cybersecurity audits and provide internal training.

Required Qualifications

• 5+ years in secure web application architecture (LAMP, Java/Spring, or Python/Django).
• Experience operating in air-gapped or offline environments.
• IAM integration experience (LDAP, AD, SAML).
• Proficiency in Docker or Podman.
• Experience managing internal package repositories and secure patching processes.
• Bachelor's Degree in Computer Science, required
• Familiarity with NIST 800-171, CMMC, or zero-trust architectures are a +
• Background in secure knowledge management systems.
• MUST pass background/Drug