Senior Network Engineer (CCIE) – Security

Job Title: Senior Network Engineer / Security SME

Location: Bolling AFB, Washington, DC

Type: Direct Hire

Contractor Work Model: Onsite

Security Clearance: Active Top Secret or TS/SCI required

Required Certifications: Current CCIE and DoD 8570 baseline certification, such as Security+ or equivalent

Candidates must possess a current clearance and meet additional customer suitability requirements.

This role supports highly sensitive, mission-critical government environments with high-visibility executive-level requirements. The Senior Network Engineer / Security SME will provide expert-level network engineering, security architecture, and operational support across enterprise and tactical networks. This position focuses heavily on network security infrastructure, including firewalls, VPNs, IPS, NAC, segmentation, secure remote access, and enterprise security modernization.

The ideal candidate will bring deep hands-on experience designing, securing, optimizing, and troubleshooting complex network environments while also serving as a technical leader and trusted advisor to government stakeholders.

Key Responsibilities

Network Security Engineering

Serve as the Subject Matter Expert for network security infrastructure across mission-critical enterprise environments.

Design, deploy, manage, and optimize enterprise firewall platforms, including rule-base design, segmentation, policy tuning, and advanced threat protection capabilities.

Engineer and maintain VPN and secure remote access solutions, including high-availability designs and certificate-based authentication.

Deploy, tune, and manage Intrusion Prevention Systems, including signature tuning, SIEM integration, and security event analysis.

Implement and maintain Network Access Control solutions to support endpoint security enforcement across wired and wireless environments.

Conduct threat modeling, vulnerability analysis, security risk assessments, and network security control reviews.

Develop and maintain secure baseline configurations, STIG documentation, network security policies, and incident response procedures.

Enterprise and Tactical Network Engineering

Translate government and stakeholder requirements into secure network architectures, including segmentation strategies, hardware and software selection, installation, configuration, and validation testing.

Provide Tier 3 and Tier 4 engineering support for complex network and security issues involving architecture, design, configuration, and operational processes.

Support the design and development of secure voice, video, RF, and data communications networks.

Analyze, evaluate, select, and upgrade network operating systems, protocol suites, security controls, and communications platforms.

Configure and secure routers, switches, concentrators, firewalls, and other network and security devices.

Architecture, Modernization, and Technology Assessment

Work directly with government stakeholders to evaluate emerging cybersecurity and networking technologies that modernize and strengthen existing architectures.

Analyze network topologies, traffic flows, segmentation, resiliency, and security controls to ensure performance and protection of critical environments.

Support the acquisition of hardware, software, and related services for secure enterprise networking initiatives.

Maintain current knowledge of cybersecurity technologies, frameworks, best practices, and secure network engineering methods.

Leadership and Executive-Level Support

Provide senior-level support for the design, deployment, and secure operation of business-critical and mission-critical network environments.

Serve as a technical lead or task lead, mentoring less-experienced engineers and providing technical oversight.

Support special projects and high-priority initiatives assigned by senior leadership.

Communicate clearly with technical and non-technical stakeholders, translating complex network and security concepts into actionable recommendations.

Required Qualifications

Active Top Secret or TS/SCI clearance.

Must meet additional customer suitability requirements.

Current CCIE certification.

DoD 8570 baseline certification, such as Security+ or equivalent.

10+ years of network engineering experience.

Deep hands-on experience with network security engineering, including firewalls, VPNs, IPS, NAC, segmentation, and secure enterprise architecture.

Experience providing Tier 3 or Tier 4 support in complex enterprise or mission-critical network environments.

Strong knowledge of routers, switches, network protocols, security controls, STIGs, and secure configuration baselines.

Ability to support onsite work at Bolling AFB in Washington, DC.

Preferred Qualifications

Bachelor’s degree in a technical field.

Experience supporting high-visibility government, DoD, executive-level, or mission-critical environments.

Experience with tactical networks, secure voice/video/data communications, RF-adjacent communications environments, or enterprise modernization efforts.

Prior technical leadership, task lead, or team lead experience.