Sr Network Security Engineer                         Job#JRTHU0146

Revised on 8/30/2018

 

Location: Washington, DC 20059

Security Clearance: None (Background Check)

Job Type: Full-Time (W2 or 1099)

 

Seeking a Network Security Engineer to become an integral part of our team! You will be responsible for designing, maintaining, and implementing firewalls, IDS/IPS systems, F5 Loadbalancers, and McAfee SIEM, Nessus security devices. This position will provide engineering, design, and implementation solutions for multiple network architectures. This position will have a strong background in network security, IPS systems, Cisco switching and routing implementation, security device implementation, F5 web application firewalling and TCP/IP protocol analysis.

The Network Security Engineer designs, augments, maintains and monitors network security in multiple computing environments by identifying network security requirements; installing security upgrades; monitoring network security devices and logs, and managing network security configuration consistency. This position requires strong communication skills and strong technical writing capability.

EXPERIENCE LEVEL: Minimum of 5 years working in information systems, computer science, or related fields (may be concurrent) and at least 2 years with hands-on administration of information systems.

EDUCATION: Bachelor’s degree in information systems, computer science, or related fields or 2 years additional equivalent experience.

CERTIFICATIONS AND TOOLS: The ideal candidate will have one or more of the following certifications: CISSP, CASP, CCNP, Security, CCNA Security, CEH

 

SECURITY CLEARANCE: N/A. However, must be able to pass a background investigation

DESCRIPTION: Functionally, the candidate will be responsible for:

Working face-to-face with multiple stakeholders interviewing, planning, or participating in a team effort to bring multiple complex projects to fruition in a highly motivated, fast paced environment.

Verifying compliance with DISA Security Technical Implementation Guides (STIG).

Verifying compliance with Center for Internet Security (CIS) Benchmark checks.

Familiarity and hands-on experience with automated scanning tools such as Nessus and nCircle.

Conducting in-depth technical reviews of new and existing IT systems in order to identify the appropriate mitigation strategies required to bring these systems into compliance with established policy and industry guidelines.

Analyzing business models, workflows, and organizational dimensions as they relate to the design, implementation and support of the information system.

Providing ongoing gap analysis of current policies, practices, and procedures as they relate to established guidelines outlined by NIST, OMB, FISMA, etc. In-depth knowledge and hands on experience of IT security architecture and design (firewalls, Intrusion Detection Systems, Virtual Private Networking, Vulnerability

Scanning and Virus protection technologies)

  • Understanding of LAN/WAN design and general internetworking technologies. Hands-on experience a plus.

  • Maintains/ enhances security posture in DMZ networking environments by administering F5 and Cisco based security architectures using access control lists, logging, RADIUS/ TACACS protocols, anti-Denial of Service optimization, and application-based security load balancing technologies. Works with F5 ASM technologies.

  • Provides network security leadership and is excellent in written and verbal skills, understanding the value and importance of communication and documentation in mission objectives.

  • Establishes network security specifications by analyzing network security health, workflow, access, information, and security requirements; performing firewall/ IDS administration, including access control maintenance, signature tuning, and SEIM (Security Event and Incident Management) log management.

  • Meets regularly with security collaboration team to develop, augment, and discuss current and new emerging network security techniques, and security design.

  •  Secures network by developing network access, monitoring, control, and evaluation techniques; maintaining documentation. Maintains network security posture by performing network monitoring and analysis, and intrusion detection tuning; evaluating network anomalies; and escalating problems to Security Officer

 

Qualifications

  • 5 years of experience in Network Security Implementation

  • Bachelor’s Degree (or commensurate experience)

  • Firewall design and implementation experience 

  • IPS/IDS experience 

  • Cisco router and switch experience 

  • Working OSPF design, configuration, implementation and troubleshooting experience 

  • Advanced Ip network troubleshooting

  • Proficient in creating detailed network diagrams 

  • Experience in creating written deliverables 

  • Experience with ASA +  Firepower desired

  • Meraki experience is a plus

  • Strong troubleshooting and critical thinking skills

  • Strong attention to detail, good documentation skills, ability to write clear, concise project reports

  • Ability to function with minimal instruction or supervision, or as a part of larger team reporting to formal project management. Strong communication and organizational Able to travel within the region or work remotely as needed to support consulting customers

  • Must be able to pass a drug screen and background investigation