Full Job Description

***MUST have an active Secret Clearance (or higher)

  • Provide network architectural design, modeling, engineering, implementation, sustainment, migration, technical refresh, and lifecycle services for the DISA Datacenter and Cloud enterprise network infrastructure. Network services and products supported shall include, but are not limited to, routers, switches, firewalls, web application firewalls, DNS, email gateways, proxy services, VPN, Local Area Network (LAN), Wide Area Network (WAN) and protocols, cryptographic devices, associated device software and firmware, diagnostic tools, and automation systems. The contractor shall also support a number of Intrusion and Detection Systems (IDS) and other network defense architectures in support of cyber defense operations and initiatives.
  • Provide design solutions and implementation guides, Bill of Materials (BOM), Cost Estimates, and use DoD and Industry best practices. Contractor is responsible for providing service transition to operations and shall reference an Information Technology Infrastructure Library (ITIL) Framework
  • Provide/support implementation solution documents and WAF subject matter expertise for the configuration and maintenance of DISA hosted Application Delivery Controllers to include software modules such as F5 BIG-IP Local Traffic Manager (LTM), Global Traffic Manager (GTM), Access Policy Manager (APM), and Application Security Manager (ASM) modules.
  • Design, engineering, implementation, migration and sustainment support for migrating and sustaining applications aligned behind the WAF.
  • Recommend operational processes to ensure successful migration and maintenance of applications behind Web Application Firewall (WAF)
  • Design solution documentation that outlines guidance on licensing, physical architecture, logical configuration, eligibility, checklist application inventory, security policy protection phases, and basic administration to include system configuration baseline and security policy configuration baseline
  • Build, implement and document network enabled applications taking into consideration various factors such as but not limited to infrastructure requirements or limitations, security, and application performance needs and best practices.
  • Provide network architectural design, engineering, implementation, sustainment, migration, technical refresh, and lifecycle services for the DISA Datacenter and Cloud enterprise network infrastructure
  • Network services and products supported shall include, but are not limited to, routers, switches, firewalls, web application firewalls, DNS, email gateways, proxy services, VPN, Local Area Network (LAN), Wide Area Network (WAN) and protocols, cryptographic devices, associated device software and firmware, diagnostic tools, and automation systems. The contractor shall also support a number of Intrusion and Detection Systems (IDS) and other network defense architectures in support of cyber defense operations and initiatives.
  • Continuously monitor the Government owned project management system for project support requests, project priority, triage to ensure urgency/impact are clearly defined, project assignments, project tasks/activities, project timelines and suspense, project reporting, and project briefings
  • Proficiently communicate and brief ideas and information to people of a non‐technical background include senior leadership
  • Responsible for all lifecycle components’ compliance with security controls, including confidentiality, integrity, and availability as well as compliance with Security Technical Implementation Guidelines (STIG) in depth
  • Engineer and implement network architectural changes in response to future network technology enhancements, DISA customer requirements, security requirements and enhancements, technical refresh efforts, lifecycle requirements, or changes in network capacity requirements.
  • Prepare and solution design/technical documentation to include whitepapers, briefings, and other required documents to support all engineering and implementation efforts with established policy and processes
  • Recommend operational processes to ensure successful migration and maintenance of applications behind Web Application Firewall (WAF)
  • Adhere to DISA enterprise network standards to include: developing support documentation, leading technical working groups, conducting product evaluations, developing recommendations, and preparing and presenting briefings
  • Ensure that all engineering and implementation efforts adhere to DISA and DoD policies, and directives from United States Cyber Command (USCC) and Joint Force Headquarters DODIN (JFHQ-DODIN).

Required Technical Skills:

  • Must have an active SECRET or higher security clearance
  • 10+ years of relevant experience with design and implementation of complex Datacenter and Enterprise Network infrastructure in a multi-vendor environment
  • DoD 8570.01-M/8140.01 IAT Level II Certification (can be one of the following: Security+ or CySA+)
  • Relevant Computing Environment (CE) certification based on the equipment and software relevant to primary duties
  • CCNP, CISCO, F5, Juniper (JNCIS, JNCIP) certification preferred
  • Strong and extensive knowledge of datacenter‐based network methods, protocols, and technologies to include:
    • Routing [BGP/ OSPF/MP-BGP/ MPLS/VPN/Multicast/PBR]
    • Switching [RSTP, VLAN, VXLAN, LLDP, VPC, LACP, LAG]
    • TCP/IP, IPv4, IPv6, UDP, Layer 1 through Layer 7, IPSEC, HAIPE
    • Firewalls [VPN, ACLs, Whitelisting]
    • Load balancing [APM, ASM, LTM, GTM]
    • SDN/ NFV/ IAC [ACI, Service Insertion, Ansible]
    • Identity and Access Management with RBAC [AAA/RADIUS/TACACS/ LDAP]
    • Network management and analysis (Performance Manager (PM), Juniper Space, Cisco ISE, Splunk]
    • Structured cabling and installation standards
    • Application of net‐ work security and design practices
    • Cloud management [AWS/AZURE]
  • Knowledge in software modules to include: [F5 BIG-IP Local Traffic Manager (LTM), Global Traffic Manager (GTM), Access Policy Manager (APM), and Application Security Manager (ASM)
  • Must be proficient in use of government systems to track ops and management of systems and performance including but not limited to ITSM, GTMS, Hewlett Packard Operations Orchestration (HPOO), ServiceNow, 0365, Microsoft Teams
  • IT Bachelor’s Degree or Vendor Network Certification (Professional or higher)

Environment

  • Great benefits: Paid time off, flexible work schedule, teleworking allowed, medical/dental/vision plan, 401k; and more
  • Tuition assistance for continuing or career-related education
  • Our cultural focus is on people and results – not bureaucracy
  • Ample opportunity for career growth – we promote from within
  • Leadership takes a constructive interest in every team member’s success
  • Work/Life Balance and flexible hours
  • Be part of a close-knit team that works and plays together and helps one another succeed
  • You will not be micromanaged: plan, prioritize, schedule and be accountable for your own tasks
  • Casual workplace
  • Open-door policy with all management

**Salary is commensurate with education and experience**

Job Category: Engineering
Job Type: Full Time

Apply for this position

Allowed Type(s): .pdf, .doc, .docx