We are seeking a Senior Network Security Engineer for an operations-first role supporting enterprise network security infrastructure across on-premises, remote-access, hybrid-cloud, and cloud-connected environments. This is not primarily an architecture/design role. The priority is a hands-on engineer who can administer, configure, maintain, troubleshoot, patch, upgrade, back up, validate, document, and operate production security platforms with minimal ramp-up.
- Firewall operations: hands-on Cisco and Palo Alto firewall administration, rule changes, NAT, troubleshooting, policy cleanup, upgrades, backups, logging, and production support.
- VPN / remote access: support for remote-access VPN, site-to-site VPN, user connectivity issues, certificates, authentication flows, and after-hours troubleshooting.
- RSA / MFA administration: RSA SecurID or equivalent MFA operations, token support, server administration, user troubleshooting, VPN integration, certificates, patching, backups, logs, and monitoring.
- Day-to-day operations: ticket resolution, monitoring alerts, health checks, change requests, incident support, maintenance windows, operational reporting, and customer support.
- Configuration and administration: installing, configuring, maintaining, patching, upgrading, backing up, validating, and troubleshooting assigned security platforms.
- Production troubleshooting: strong TCP/IP, DNS, routing, firewall logs, packet captures, VPN authentication, certificate, and connectivity troubleshooting.
- Documentation and process discipline: SOPs, runbooks, diagrams, change records, rollback plans, evidence collection, knowledge transfer, and formal change management.
- Federal/customer environment maturity: Public Trust eligibility, regulated-environment documentation, customer support, cross-team coordination, and comfort working with government stakeholders.
The best candidate can credibly say: "I have operated enterprise Cisco and Palo Alto firewalls in production, handled firewall rule changes and troubleshooting, supported VPN users and site-to-site tunnels, administered or supported RSA/MFA tied to VPN access, followed formal change-management processes, maintained documentation and backups, and can step into daily operational support with minimal ramp-up."
Scope and Role Boundaries
- Primary platforms include Cisco ASA/Firepower/FTD/FMC, Palo Alto NGFW/Panorama/GlobalProtect, remote-access and site-to-site VPN, RSA SecurID Authentication Manager or comparable MFA, monitoring/logging/SIEM integrations, and related network security controls.
- Coordinate with SOC/NOC, cloud, identity/directory, wireless/LAN, server, endpoint, system owner, application, governance, and vendor teams during changes, incidents, troubleshooting, compliance, and audit support.
- Cloudflare, Cisco ISE/NAC, secure web/email gateways, packet visibility tools, SD-WAN/SASE/ZTNA, AWS/Azure security, and F5/application-delivery awareness are useful where they intersect with assigned operational support, but the core need is firewall, VPN, RSA/MFA, and production operations.
Key Responsibilities
- Provide daily, weekly, monthly, and annual operational support for assigned security systems, including tickets, alerts, health checks, email/phone support, metrics, status reporting, and operational validation.
- Administer and troubleshoot enterprise firewalls, including rule bases, NAT, segmentation, high availability, threat prevention, VPN integration, logging, secure baselines, rule reviews, recertification, cleanup, and decommissioning.
- Install, configure, maintain, patch, upgrade, back up, and validate firewall, VPN, MFA, and related network security systems in production environments.
- Support remote-access VPN, site-to-site VPN, partner connectivity, cloud connectivity, mobile/remote users, certificates, authentication policies, availability, utilization, and user access issues.
- Maintain and troubleshoot RSA SecurID Authentication Manager or equivalent MFA services, including servers/appliances, agents, certificates, HA, backups, logs, monitoring, directory integration, VPN authentication, and token lifecycle support.
- Respond to incidents, vulnerability notices, urgent requests, vendor advisories, PSIRT notices, system alerts, and emergency troubleshooting while minimizing service disruption.
- Use firewall logs, VPN logs, packet captures, SIEM data, monitoring tools, DNS/routing checks, and standard diagnostics to resolve complex connectivity, authentication, TLS/certificate, and application-flow issues.
- Create and maintain topology diagrams, equipment inventories, configurations, SOPs, runbooks, implementation plans, rollback plans, build/upgrade procedures, troubleshooting notes, and knowledge articles.
- Follow approved change, release, incident, problem, and configuration-management processes; prepare change records, peer-review materials, validation evidence, root-cause analysis, metrics, and audit artifacts.
- Support vulnerability remediation, POA&M tracking, continuous monitoring, compliance reviews, audit evidence collection, and coordination with ISSO, system owner, and security governance teams.
Requirements
- 7+ years of experience in network security engineering, network infrastructure, cybersecurity infrastructure, or a closely related role.
- 5+ years of hands-on experience administering, maintaining, and troubleshooting enterprise firewall platforms in production environments.
- Hands-on experience with Cisco security technologies such as Cisco ASA, Firepower, FTD, FMC, AnyConnect/Secure Client, or equivalent Cisco firewall/VPN platforms.
- Hands-on experience with Palo Alto Networks technologies such as NGFW, Panorama, GlobalProtect, security profiles, App-ID/User-ID, logging, and policy optimization.
- Experience administering or supporting RSA SecurID Authentication Manager or comparable enterprise MFA/two-factor authentication platforms, including token support, server operations, patching/upgrades, backups, certificates, monitoring, and directory/VPN integration.
- Strong knowledge of firewall policy, NAT, VPNs, routing, DNS, DHCP, BGP, TLS/certificates, packet captures, log analysis, segmentation, high availability, and common network diagnostic tools.
- Experience with enterprise monitoring, logging, SIEM, alerting, vulnerability management, incident response, formal change management, and regulated-environment documentation.
- Ability to create clear technical documentation, support customers and stakeholders, prioritize operational work, communicate clearly, and coordinate across technical teams.
- Ability to obtain and maintain a Public Trust background investigation.
Desired Certifications
Relevant certifications are helpful but should not replace demonstrated hands-on experience. Examples include CCNP Security, CCIE Security, PCNSE, PCCSE, CISSP, CCSP, AWS Certified Security - Specialty, AWS Advanced Networking - Specialty, Microsoft Certified: Azure Security Engineer Associate, Microsoft Certified: Azure Network Engineer Associate, CompTIA Security+, CompTIA CySA+, GIAC certifications, or equivalent vendor/cloud certifications.
Core Competencies
- Enterprise firewall engineering and policy lifecycle management
- VPN, remote access, RSA/MFA, and token lifecycle operations
- Cloudflare, edge security, secure access, and Zero Trust support
- Content filtering, secure web/email gateway, and NAC operations
- Hybrid-cloud network security and secure connectivity
- Monitoring, logging, SIEM integration, and incident response support
- Security visibility, packet analysis, and advanced troubleshooting
- Vulnerability remediation, compliance evidence, and POA&M support
- Change management, documentation, reporting, and operational metrics
- Technical leadership, customer support, and cross-team collaboration
Benefits
- 401(k)
- 401(k) matching
- Dental insurance
- Flexible schedule
- Flexible spending account
- Health insurance
- Health savings account
- Life insurance
- Paid time off
- Professional development assistance
- Referral program
- Retirement plan
- Tuition reimbursement
- Vision insurance