RDL Jump Host Administrator

RDL Jump Host Administrator

  • Location: Canada & India – Hybrid
  • Contract Length: 6-12 Months

We at Raise are hiring a RDL Jump Host Administrator for one of our top clients. After establishing themselves as an industry leader, they’re now expanding their team to meet rising demand. We’re hiring right now; if you’re interested, apply below for your chance to join a great place to work.

Responsibilities:

Jump Host System Administration & Hardening

  • Server Provisioning & Lifecycle: Deploy, configure, and maintain Linux-based (Rocky Linux, Ubuntu, CentOS) local jump host virtual machines operating on VMware vSphere or Microsoft Hyper-V clusters.
  • Operating System Hardening: Apply strict CIS (Center for Internet Security) hardening benchmarks on all jump host operating systems. Ensure that no unauthorized software or corporate agents (e.g., CrowdStrike, ServiceNow, ClearPass, Windows Domain utilities) are installed or active on endpoints installed on the VLAN behind the Jump Host.
  • Service Availability: Ensure the high availability, performance, patch status, and storage capaciyt of jump servers acting as gateways to the core RDL networks.

Export Control Compliance & Interactive Gates

  • Export Control Shell Banners: Configure and manage interactive, mandatory user agreement screens (e.g., using custom shell login scripts, Pluggable Authentication Modules (PAM), or SSH ForceCommand) specifically for systems accessing Export Controlled VLANs.
  • User Acceptance Verification: Ensure that users cannot acquire an interactive shell, run commands, or bypass the landing screen without explicitly reading and accepting the export control and NDA terms.
  • Tamper-Proof Acceptance Logging: Implement and maintain robust, structured logging systems (using Rsyslog, Journald, or custom secure local logging scripts) that capture:
    • The authenticated user's local/remote identifier.
    • Source IP and connection timestamp.
    • Explicit timestamped confirmation of the user's compliance acceptance.
  • Log Archival & Integrity: Set up secure, write-only log forwarding or local hashing protocols to ensure audit logs of export-control acceptances cannot be modified or deleted by general users.

Identity, Access, & Session Management

  • Decentralized Local Authentication: Programmatically or manually provision local Unix user accounts, localized Role-Based Access Control (RBAC), and SSH keys on all jump hosts.
  • Remote Integration Support: Partner with corporate IT to ensure seamless hand-offs from Zscaler ZTNA (via local Zscaler App Connectors) and CyberArk vPAM sessions terminating on the jump hosts.
  • Session Controls: Configure strict SSH timeouts, idle session terminations, and multi-factor authentication loops to prevent abandoned active connections.

Operations, Ticket Resolution & Collaboration

  • Workplace Collaboration: Align daily with the RDL Network Administrator to coordinate VLAN mappings, firewall rule adjustments, and routing protocols necessary for jump host access.
  • Engineering Support: Serve as a technical point of contact for HPS design engineers having credentialing, shell, or connection issues when entering secure environments.
  • Incident & Audit Readiness: Assist the Lead Network Architect in pulling audit trails and access reports during compliance reviews, system security audits, or customer security evaluations.

Technical Qualifications

Education & Experience

  • Bachelor’s degree in Network/System Administration, Computer Science, Cybersecurity, or equivalent technical experience.
  • 4+ years of dedicated experience in Linux System Administration, with a strong focus on secure system hardening, user management, and compliance auditing.

Required Technical Skills:

  • Linux Expertise (Expert Level): Mastery of Linux OS administration (Rocky Linux, RHEL, CentOS, Ubuntu) including shell scripting (Bash, Python), security policies, and package management.
  • Secure Access & Authentication: Comprehensive knowledge of SSH daemon configuration (sshd_config), PAM (Pluggable Authentication Modules) stack configuration, and secure local authentication patterns.
  • Audit & Log Engineering: Proven experience configuring structured logging systems, syslog routing, Rsyslog, or Journald to create secure, immutable compliance audit trails.
  • Access Technologies: Familiarity with Zscaler ZTNA (App Connectors), CyberArk vPAM, and Virtual Private Network (VPN) architectures.
  • Virtualization Basics: Practical experience administering virtual machines, virtual switches, and storage within VMware ESXi / vCenter or Microsoft Hyper-V.

Preferred Certifications:

  • Red Hat Certified System Administrator (RHCSA) or Engineer (RHCE)
  • CompTIA Linux+ or Linux Foundation Certified SysAdmin (LFCS)
  • CompTIA Security+ or GISF (GIAC Information Security Fundamentals)
  • CyberArk Certified Sentry or Trustee

Soft Skills & Working Style

  • Extreme Attention to Detail: Precise, systematic approach to system configuration, security rules, and audit trail maintenance.
  • High Integrity: Uncompromising commitment to maintaining security barriers, compliance standards, and ethical handling of export-controlled hardware and software.
  • Excellent Communicator: Strong written and verbal communication skills, necessary for writing technical LLD/SOP documentation, explaining access gates to end-users, and coordinating with the RDL Network Architect

Looking for meaningful work? We can help!

Raise is an established hiring firm with over 65 years of experience. We believe strongly in making the world a better place through work, which is why we’re a certified B Corporation and donate 10% of our profits to charity.

We strive to build teams that reflect the diversity of the communities we work in. We encourage all qualified applicants to apply, including people from traditionally underrepresented groups such as women, visible minorities, Indigenous peoples, people identifying as LGBTQ2SI, veterans, and people with visible/nonvisible disabilities.

We have a dedicated webpage for accommodations where you can learn more about what we offer and request accommodations: https://raise.jobs/accommodations/

In order to submit candidates for roles, our clients will sometimes require personal information to confirm the identity of applicants and their legal status to work. Raise will never ask you for personal or banking information unless you have been selected for a job. If you are ever unsure about the legitimacy of this or another job posting by Raise (or have any other questions), please contact us at +1 800-567-9675 or hello@raiserecruiting.com

RDL Jump Host Administrator

Similar job opportunities:

When you apply for a job with us, you consent to the use of automated screening tools — including voice and text analysis — for this job and future jobs with Raise. These tools help us review resumes, assess qualifications, and make initial recommendations; however, all final reviews and hiring decisions are made by people. Questions? Contact us at hello@raiserecruiting.com

Search all jobs:

Search jobs by title or keyword
Click here

Keep exploring!