Senior Network Engineer
Security Clearance: Current Department of Defense (DoD) Top Secret - Sensitive Compartmented Information (TS/SCI) with Polygraph clearance is required.
Description: Braxton-Grant Technologies is looking for a Senior Network Security Engineer to provide assistance in all aspects of network management from network design through implementation, maintenance, and upgrading of existing networks. The qualified person in this position analyzes designs, specifications, and related documents; implements communication system requirements to support the distributed functionality of a software engineering environment; analyzes network characteristics (e.g. traffic connect time, transmission speeds, packet sizes and throughput); troubleshoots problems and recommends procurement of and/or modifications to network components. Also, he or she will ensure the overall health and strong security posture of complex network architectures. Individual will be actively involved with all phases of network security design, implementation, proactive monitoring, troubleshooting and analysis of firewalls, IDSs, VPNs, security controls and policies. The Engineer will ensure compliance is maintained with DOD Information Assurance requirements as well as ensuring service performance indicators are met or exceeded. Possible duties include but are not limited to:
• Design solutions, integrate, configure, deploy, test and provide support for numerous types of network devices, interfaces and methodologies
• Optimize end-to-end system performance and dataflow management
• Configure and optimize the network to connect various front-end and back-end components
• Coordinate with the system engineering and dataflow efforts to ensure proper mission operations with minimal down time
• Facilitate the implementation of high-speed, scalable, fault-tolerant network topologies as applicable to WAN and LAN design
• Implement specific network solutions to support server requirements to include load-balancing, VPN’s, firewall contexts, and network address translation (NAT) where appropriate
• Minimize network latency and maximize data throughput through design analysis and network performance monitoring tools
• Manage assigned tasks and provide guidance to junior Network Engineers
• Validate new and existing dataflow and data formats
• Coordinate with appropriate dataflow organizations and end-customer recipients, follow-on data repositories and tasking organizations and understand potential adverse impacts on system-wide dataflow
• Design, integrate, test and deploy RF communications solutions
• Lead large efforts of dynamic requirements and scale
• Work with System engineers and cross organizational teams to define requirements
• Support efficient repeatable inspection process of network boundary traffic to inspect for evidence of successful and failed compromises, Advance Persistent Threats, and misuse of standard, permitted services
• Support efficient repeatable inspection process to support review of all boundary services including but not limited to firewalls, proxies, and VPNs, to ensure the security posture of the services are consistently applied, done so in accordance with mission and industry best practices
• Support regular technical assessments of network boundaries to ensure boundaries remain secure; assessments will include use of security tools in coordination with security elements of the agency
• Support monthly reviews of all authorization services to ensure that only authorized users have continued access and that their access is minimized to the greatest extent possible to accomplish their job functions
• Support Security Investigations as requested by Agency Security organizations to include traffic inspection, dissection and reassembly of traffic
• Consult and engineer next generation solutions to meet changing security needs which are compliant with Agency policies and incorporate industry best practices when possible
• Design, Configure, Deploy and Monitor integration of network security solutions with Agency authorized authentication services including PKI, TACACS, RADIUS, Active Directory and required authorization services
• Design, Configure, Deploy and Monitor local and global load balancing functions which support network performance while maintaining security solutions
Education: Bachelor’s degree in engineering from an accredited college or university is required. Four (4) years of additional network engineering experience may be substituted for a bachelor’s degree.
• Twelve (12) years directly related experience.
• Five (5) years of experience with What’s Up Gold and Netflow.
• Five (5) years of demonstrated experience in Computer Network Operations - Protection Level (PL) 3 high/high solutions utilizing Layer 2 to Layer 7 Security+ Certification
• Experience operating, managing, monitoring, and deploying network security devices and systems, using advanced knowledge of security networking devices such as: application, proxy, and packet based firewalls (i.e. McAfee Enterprise firewall appliances, Control Center Management appliances, IPSEC, SSL and SSH applications, Cisco Secure Access Control Servers (ACS), Cisco Security Manager (CSM), Cisco VPN and firewall devices, Web Proxy, Load balancer, and related software and hardware used in LAN/WAN networks).
• Ability to work independently with little direction and guidance.
• Excellent writing and communication skills, including the ability to develop analytical documents and conduct oral presentations.
• Understanding and experience with the DoD Architecture Framework and other key DoD network architecture and strategic planning instructions.
• Experience with Intelligence Community Directive (ICD) 503 instructions; system accreditation and security system documentation.
• Knowledge of IP services (IPv4, VPN, IPv6, Multicast, QOS, SNMP, VOIP, VTC, etc.).
• Experience in providing reports and products to senior management and customers.
• Experience with plans, designs, and evaluations of network security systems and architectures.
CCNP Security and/or CCNA Security certification
Company Overview: Founded in 1997, Braxton-Grant Technologies, Inc., (BGTech) is a customer focused Woman-Owned Small Disadvantaged Business Cybersecurity consulting firm, specializing in network and data security. BGTech offers leading edge integration solutions to meet the ever-changing needs of today's dynamic network security environment by providing a range of services with an emphasis on information and cybersecurity. Services include: Managed Security Services, Hardware & Software Sales; Training; Support Desk; and Professional Services such as Cybersecurity Architecture and Engineering, Network Assessments, Vulnerability Scanning and Analysis, and Product Implementation.
Comments are closed