Full Job Description

***MUST have an active Secret Clearance (or higher)

  • Develop/deliver solution documentation that outlines guidance on licensing, physical architecture, logical configuration, eligibility, checklist application inventory, security policy protection phases, and basic administration to include system configuration baseline and security policy configuration baseline
  • Provide support to management of all lifecycle components’ compliance with security controls, including confidentiality, integrity, and availability as well as compliance with Security Technical Implementation Guidelines (STIG) in depth
  • Partake in high level government briefings are attended to attain situational awareness of government efforts and mission priorities
  • Contribute technical documentation to include whitepapers, briefings, and other required documents to support all engineering and implementation efforts with established policy and processes
  • Provide high level guidance to customers to ensure devices are upgraded in 30 days of receipt of listing in accordance with monthly code upgrade to maintain IAVA compliance
  • Handle all software and firmware on network hardware and OEs are maintained and up to date on vendor supportable code versions
  • Work with leadership with recommendations in operational processes to ensure successful migration and maintenance of applications behind Web Application Firewall (WAF)
  • Help in the documentation of an Infrastructure Failover Test Plan (IFTP) and processes for government review and approval
  • Assist in planning, scheduling, execution, and closeout of Authorized Services Interruptions (ASI) in support of infrastructure network changes
  • Support the development of ASI migration guide detailing configuration steps, migration details, and fail-back plan
  • Provide hardware and software lifecycle tracking, code evaluation
  • Run custom scripts that shall be used to determine more efficient and less resource intensive solutions
  • Ensure updates are made to Master Technology Security Groups (MTSG) and Delta Security Policies (DSP) as new application categories are discovered
  • Communicate and brief ideas and information to people of a non-technical background to include senior leadership

Required Technical Skills:

  • Must have an active SECRET or higher security clearance
  • 6+ years of relevant experience with implementation and sustainment of complex Datacenter and Enterprise Network infrastructure in a multi‐vendor environment.
  • DoD 8570.01-M/8140.01 IAT Level II Certification (can be one of the following: Security+ or CySA+)
  • Relevant Computing Environment (CE) certification based on the equipment and software relevant to primary duties
  • CCNA, CISCO, F5, Juniper (JNCIS, JNCIP) certification preferred but not required
  • Strong and extensive knowledge of datacenter‐based network methods, protocols and technologies to include:
    • Routing [BGP/ OSPF/MP-BGP/ MPLS/VPN/Multicast/PBR]
    • Switching [[Rapid Spanning Tree Protocol (RSTP), Virtual Local Area Network (VLAN), Virtual Extensible LAN (VXLAN), Link Layer Discovery Protocol (LLDP), Virtual Private Cloud (VPC), Link Aggregation Control Panel (LACP), Link Aggregation (LAG]]
    • Transmission Control Protocol/Internet Protocol (TCP/IP, ) [Internet Protocol version 4 (IPv4), Internet Protocol version 6 (IPv6), User Datagram Protocol (UDP), Layer 1 through Layer 7,  Internet Protocol Security (IPSEC), High Assurance Internet Protocol Encryptor (HAIPE)]
    • Firewalls [ [VPN, Access Control Lists (ACLs), Whitelisting]]
    • Load balancing [Access Policy Manager (APM), Application Security Module (ASM), Local Traffic Manager (LTM), Global Traffic Manager (GTM)]
    • Software Defined Networking (SDN)/ Network Functions Virtualization (NFV)/ Infrastructure as Code (IAC) [Cisco Application Centric Infrastructure (ACI), Service Insertion, Ansible]
    • Identity and Access Management with RBAC [AAA/RADIUS/TACACS/ LDAP]
    • Network management and analysis (Performance Manager (PM), Juniper Space, Cisco Identify Services Engine (ISE), Splunk]
    • Structured cabling and installation standards
    • Application of network security and design practices
    • Application of net‐ work security and design practices
  • Demonstrate  strong understanding of network management and analysis (Performance Manager (PM), Juniper Space, Cisco Identify Services Engine (ISE), Splunk]
  • IT Associate Degree or Vendor Network Certification (Professional or higher)

Environment

  • Great benefits: Paid time off, flexible work schedule, teleworking allowed, medical/dental/vision plan, 401k; and more
  • Tuition assistance for continuing or career-related education
  • Our cultural focus is on people and results – not bureaucracy
  • Ample opportunity for career growth – we promote from within
  • Leadership takes a constructive interest in every team member’s success
  • Work/Life Balance and flexible hours
  • Be part of a close-knit team that works and plays together and helps one another succeed
  • You will not be micromanaged: plan, prioritize, schedule and be accountable for your own tasks
  • Casual workplace
  • Open-door policy with all management

**Salary is commensurate with education and experience**

Job Category: Engineering
Job Type: Full Time

Apply for this position

Allowed Type(s): .pdf, .doc, .docx