Senior Network Engineer (TS/SCI with Poly)

Braxton-Grant Technologies

Columbia, Maryland

JOB DETAILS
SKILLS
Access Control, Analysis Skills, Authentication, Best Practices, CCNA - Cisco Certified Network Associate, CCNP - Cisco Certified Network Professional, Cisco Network Systems, Communication Skills, Communication Systems, CompTIA Security+, Computer Networks, Computer Operations, Computer Skills, Consulting, Data Formats, Department of Defense Architecture Framework (DoDAF), Dissection, DoD Information Assurance - IA, Documentation, Engineering, Firewall Appliances, Firewalls, IPsec (IP Security), IPv4, IPv6, ITIL (IT Infrastructure Library), Identify Issues, Intelligence Community, International Classification of Diseases (ICD), Internet/Online Service, Load Balancing, Local Area Network (LAN), Maintain Compliance, Microsoft Active Directory, Multicast, NAT (Network Address Translation), Netflow, Network Administration/Management, Network Architecture/Engineering, Network Configuration Management, Network Connectivity, Network Design, Network Integration, Network Monitoring, Network Performance/Analysis, Network Security, Network Security Design, Network Support, Network Systems, Network Topology, People Management, Performance Management, Product Management, Public Key Infrastructure (PKI), Purchasing/Procurement, QoS (Quality of Service), RADIUS (Remote Authentication Dial-In User Service), Radio Frequency, Reporting Skills, Requirements Management, SNMP (Simple Network Management Protocol), SSH (Secure Shell), SSL-TLS (Secure Socket Layer - Transport Layer Security), Security Analysis, Security Architecture, Security Monitoring, Sensitive Compartmented Information (SCI), Server Support, Software Engineering, Strategic Planning, Symantec Product Family, System Architecture, Systems Engineering, TACACS (Terminal Access Controller Access Control System), Technical Analysis, Technical Support, Testing, Top Secret Clearance, United States Department of Defense (DoD), User Interface/Experience (UI/UX), VPN (Virtual Private Network), VoIP (Voice over IP), Wide Area Network (WAN), Writing Skills
LOCATION
Columbia, Maryland
POSTED
30+ days ago
Braxton-Grant Technologies is looking for a Senior Network Security Engineer for a mid-shift (4pm - 12) position to provide assistance in all aspects of network management from network design through implementation, maintenance, and upgrading of existing networks. The qualified person in this position analyzes designs, specifications, and related documents; implements communication system requirements to support the distributed functionality of a software engineering environment; analyzes network characteristics (e.g. traffic connect time, transmission speeds, packet sizes and throughput); troubleshoots problems and recommends procurement of and/or modifications to network components.  Also, he or she will ensure the overall health and strong security posture of complex network architectures.  Individual will be actively involved with all phases of network security design, implementation, proactive monitoring, troubleshooting and analysis of firewalls, IDSs, VPNs, security controls and policies. The Engineer will ensure compliance is maintained with DOD Information Assurance requirements as well as ensuring service performance indicators are met or exceeded.  Possible duties include but are not limited to:
  • Design solutions, integrate, configure, deploy, test and provide support for numerous types of network devices, interfaces and methodologies
  • Optimize end-to-end system performance and dataflow management
  • Configure and optimize the network to connect various front-end and back-end components
  • Coordinate with the system engineering and dataflow efforts to ensure proper mission operations with minimal down time
  • Facilitate the implementation of high-speed, scalable, fault-tolerant network topologies as applicable to WAN and LAN design
  • Implement specific network solutions to support server requirements to include load-balancing, VPN’s, firewall contexts, and network address translation (NAT) where appropriate
  • Minimize network latency and maximize data throughput through design analysis and network performance monitoring tools
  • Manage assigned tasks and provide guidance to junior Network Engineers
  • Validate new and existing dataflow and data formats
  • Coordinate with appropriate dataflow organizations and end-customer recipients, follow-on data repositories and tasking organizations and understand potential adverse impacts on system-wide dataflow
  • Design, integrate, test and deploy RF communications solutions
  • Lead large efforts of dynamic requirements and scale
  • Work with System engineers and cross organizational teams to define requirements
  • Support efficient repeatable inspection process of network boundary traffic to inspect for evidence of successful and failed compromises, Advance Persistent Threats, and misuse of standard, permitted services
  • Support efficient repeatable inspection process to support review of all boundary services including but not limited to firewalls, proxies, and VPNs, to ensure the security posture of the services are consistently applied, done so in accordance with mission and industry best practices
  • Support regular technical assessments of network boundaries to ensure boundaries remain secure; assessments will include use of security tools in coordination with security elements of the agency
  • Support monthly reviews of all authorization services to ensure that only authorized users have continued access and that their access is minimized to the greatest extent possible to accomplish their job functions
  • Support Security Investigations as requested by Agency Security organizations to include traffic inspection, dissection and reassembly of traffic
  • Consult and engineer next generation solutions to meet changing security needs which are compliant with Agency policies and incorporate industry best practices when possible
  • Design, Configure, Deploy and Monitor integration of network security solutions with Agency authorized authentication services including PKI, TACACS, RADIUS, Active Directory and required authorization services
  • Design, Configure, Deploy and Monitor local and global load balancing functions which support network performance while maintaining security solutions

Education:  Bachelor’s degree in engineering from an accredited college or university is required. Four (4) years of additional network engineering experience may be substituted for a bachelor’s degree.

Required Experience: 
  • Twelve (12) years directly related experience.
  • Five (5) years of experience with What’s Up Gold and Netflow.
  • Five (5) years of demonstrated experience in Computer Network Operations - Protection Level (PL) 3 high/high solutions utilizing Layer 2 to Layer 7
  • Security+ Certification
  • Experience operating, managing, monitoring, and deploying network security devices and systems, using advanced knowledge of security networking devices such as: application, proxy, and Next Generation Enterprise firewall appliances, Control Center Management appliances, IPSEC, SSL and SSH applications, Cisco Secure Access Control Servers (ACS), Cisco Security Manager (CSM), Cisco VPN and firewall devices, Web Proxy, Load balancer, and related software and hardware used in LAN/WAN networks).
  • Ability to work independently with little direction and guidance.
  • Excellent writing and communication skills, including the ability to develop analytical documents and conduct oral presentations.
  • Understanding and experience with the DoD Architecture Framework and other key DoD network architecture and strategic planning instructions.
  • Experience with Intelligence Community Directive (ICD) 503 instructions; system accreditation and security system documentation.
  • Knowledge of IP services (IPv4, VPN, IPv6, Multicast, QOS, SNMP, VOIP, VTC, etc.).
  • Experience in providing reports and products to senior management and customers.
  • Experience with plans, designs, and evaluations of network security systems and architectures.

Desired:
  • CCNP Security and/or CCNA Security certification
  • Palo Alto Firewall certification and experience
  • ITIL certification
  • DMVPN experience
  • Symantec/Blue Coat product certification and experience

 

About the Company

B

Braxton-Grant Technologies