Home / Jobs

Lucid Technologies Inc

The Logical Solutions

Desktop Encryption Subject Matter Expert
Job Title: IT - Systems Administrator II
Job Description: Desktop Encryption Subject Matter Expert
Location work will be Raleigh – NC HYBRID (2 days in office 3 days remote)

Overtime required: Yes, with on call support required.

• All overtime must be pre-approved in writing by the client manager or his/her designated representative.
• We will not be reimbursed for overtime charges without previous written authorization. Authorized overtime will be reimbursed at straight time.


Desktop Encryption resource is needed to provide critical Client’s security expertise and maintain the current encryption team staffing structure. The desktop encryption team’s focus is supporting the encryption infrastructure platform, protecting user data, providing locally developed data recovery tools, ensuring we comply with the latest industry and corporate security standards and engineering a secure architecture protects the Postal brand. This team not only provides support to operations, but also assists CISO, the OIG and Postal Inspectors with recovering forensic data used as evidence in investigative actions for potential prosecution. The team constantly explore new technologies of innovation that institute stronger controls to restrict exposure to Postal information.

Required Skills:
  • Develops and maintains specialized knowledge of current and emerging technologies within assigned division or platform.
  • Performs capacity and performance analyses and develops and implements recommendations.
  • Provide advanced support for all production failures as assigned and support and comply with company problem management standards and processes.
  • Perform application development, enhancement, and maintenance support for application code for services ranging from simple to extremely complex.
  • As needed: peer review of code, design test plans, and base performance validation.
  • Complete all mandatory application documentation.
  • Evaluate, plan, manage, track, and provide status on system maintenance, enhancement, and support activities at a task level, as assigned.
  • Multiple years of experience with various end-point encryption products
  • Knowledge and ability with multiple versions of end-point products
  • Proven testing capabilities with various end-point products
  • Provide engineering, maintenance, and application encryption support for over 30,000 endpoints.
  • Provide day-to-day internal customer support (CISO, postal inspectors, postmasters, sales, clerks, etc.)
  • Develop data encryption and OS recovery tools to recover lost or corrupted user data files from defective hardware or from failed machine startups.
  • Research, diagnose and implement the latest industry encryption standards and products to ensure the strongest security posture is engineered throughout the service.
  • Perform server OS and device application version upgrades.
  • Examine current architectural designs and recommend industry best practices for success.
  • Upgrade multiple IT platforms (Dev, CAT, Prod) with the latest application versions to eliminate security risks.
  • Develop software deployment strategies for release.
  • Test latest encryption software packages against current and future hardware and software platforms to ensure compatibility with the latest business refresh efforts.
  • Implement business security standards (SSL, certificate renewals and TLS communications) to ensure compliance with business and industry objectives.
  • Ensure client and server systems are upgraded with the most current software versions, security certificates and application configurations.
  • Provide visibility to stakeholders on program stability and progress through reporting technologies.
  • Monitor security postures in the infrastructure and assists with production planning to eliminate potential vulnerabilities.
  • Provide corporate policy reviews, reporting and incident response best practices.
  • Hands-on incident escalation and remediation, including documentation of incident response workflows.
  • Evaluate program failures and implement remediation solutions for success.
  • Build vendor/customer relationship to receive latest product releases and outlook projects.

Support Function:
USA Domain Server-Side Upgrades and advancements:
  • Add SecureDoc encryption to approximately 67,000 endpoints (began the FY at 40,000 – Current endpoint saturation is ~107,000 which is managed by two Client Employees)
  • Add four servers to the SecureDoc (SD) infrastructure to accommodate increased communications load from new SD endpoints.
  • Change settings on all communications servers to support the larger endpoint count, including communications frequency between endpoints and servers. 
  • Standardized on 8GB RAM on each server for load balancing and upgraded as required. All servers are Windows Server 2019 and SQL Server 2019.
  • Upgrade SD infrastructure from v8.6 to v9.0 SR3, leveraging MECM/Adaptiva infrastructure. Endpoint upgrades in process (approximately 107,000), completion by end of FY23.
  • Work with ETE Platform Integration to develop endpoint upgrade package files for existing endpoints and to incorporate 9.0 SR3 into new endpoint builds at Topeka.

WEB Portal Instance / Field Access / Developer DEVSUB Endpoint Environment Creation
  • Create separate Tier 1, 2, and 3 support roles for the SecureDoc web portal, and assigned approximately 180 field level personnel to these roles. This limited web interface enables support to resolve logon, locked/dormant endpoint, and user issues, reducing Service Desk calls and WTIL.
  • Stay in front of certificate renewals for SD USA, CAT, and Devsub infrastructures. Current certs are good through calendar 2023.
  • Assist other ETE teams and Topeka in developing a Devsub build including SD client pointing to the Devsub SD instance. Incorporation into the new Devsub build eliminated several hours per laptop needed to decrypt existing devices, move them into Devsub, and re-encrypt them, for all new Devsub endpoints going forward.
  • Deploy a new, dedicated SD infrastructure in Devsub to support approximately 1,000 developers given new laptops requiring disk encryption.
  •  Assist other ETE teams and Topeka in developing a Devsub build including SD client pointing to the Devsub SD instance. Incorporation into the new Devsub build eliminated several hours per laptop needed to decrypt existing devices, move them into Devsub, and re-encrypt them, for all new Devsub endpoints going forward.
  • Manually assigned more than 270 developers administrator level access on their Devsub laptops as needed to perform their job duties.
Other Support Functions
  • Maintain and upgraded a web page used by field IT staff containing BIOS settings and critical information for all the 50+ endpoint models used in the field.
  • Create a suite (Sun Valley) allowing recovery of data from crashed systems via bootable flash media and created support KB documents detailing the process. Upgraded Sun Valley from Windows 10 22H2 to Windows 11 Core Sun Valley 2 to accommodate new hardware.
  • Review 10 new dock models for SecureDoc compatibility. Created documentation on all docking stations and port replicators and published a whitepaper guide to all docking stations in the field.
  • Create and updated a SecureDoc for Dummies document linking to SD training videos on the web portal.
  • Respond to many numerous ad hoc requests for support/assistance made directly to the team through phone calls or emails.
Additional Provisions:
  • Pass both a client mandated clearance process to include drug screening, criminal history, and credit checks.
  • Please note that any usage and detection of cannabis with or without a prescription will result in a failed US Postal clearance regardless of the legalization under State Laws.
  • Once candidate’s resume is approved and interview passed, the agency is responsible for providing drug screening. Failure to submit the drug screening results will delay the security clearance process.
  • If a candidate is given an interim clearance, continuation of employment is then based on the candidate receiving a sensitive clearance.
  • All candidates must be a US Citizen or have permanent residence status (Green Card). 
  • Candidate must have lived in the United States for the past 5 years.
  • Cannot have more than 6 months’ travel outside the United States within the last five years. Military Service excluded. (Exception does not include military family members.)


Thanks & Regards,

Tellamekala Golla Vamsi
IT Recruiter
Lucid Technologies Inc
O: 214-385-4144 Ext: 214
F: 214-889-5857¬¬¬
W: www.LucidTechINC.com
Supplier Registration: https://lucidtechinc.com/supplierregistration