Cyber Systems Administration, Advisor - Team Lead

About The Position

Requirements

• Must be a US Citizen
• Must be able to obtain and maintain a Department of Energy (DOE) security clearance
• Demonstrated hands-on experience administering and managing enterprise firewalls (e.g., Palo Alto, Cisco Secure Firewall, Fortinet FortiGate)
• Working knowledge of TCP/IP networking, VPN management, network segmentation, and perimeter security architecture
• Experience with SIEM platforms, IDS/IPS systems, and network traffic analysis tools
• Strong documentation skills with the ability to produce clear technical procedures, configuration records, and compliance artifacts

Nice To Haves

• CompTIA Security+ or higher
• Vendor-specific firewall certifications (Palo Alto PCNSE, Cisco CCNP Security, Fortinet NSE 4+)
• Experience supporting cybersecurity programs at DOE facilities

Responsibilities

• Serve as the technical lead for a team of three firewall engineers, providing day-to-day direction, task prioritization, and workload management.
• Mentor and develop team members by sharing technical expertise, facilitating knowledge transfer on DOE-specific firewall policies and compliance requirements.
• Conduct regular team check-ins and technical reviews to assess progress on assigned tasks, identify blockers, and ensure alignment with DOE mission priorities.
• Serve as the primary point of contact between the firewall engineering team and program managers, and senior government stakeholders, communicating status updates, technical findings, and risk advisories in a clear and concise manner.
• Coordinate team efforts across firewall administration to ensure comprehensive coverage of all enterprise perimeter defense responsibilities.
• Review and approve team-produced deliverables.
• Identify staffing needs, skill gaps, and training requirements within the team.
• Implement, configure, and maintain enterprise next-generation firewalls (NGFWs) in support of DOE network security requirements, ensuring continuous availability and integrity of perimeter defense systems.
• Develop, review, and enforce firewall rule sets and Access Control Lists (ACLs) in accordance with the principle of least privilege, conducting periodic audits to identify and remediate unauthorized or anomalous access.
• Design and maintain network segmentation, DMZ configurations, and traffic flow policies to enforce boundary protection controls.
• Manage and tune Intrusion Detection/Prevention Systems (IDS/IPS) integrated with firewall infrastructure to detect, alert, and respond to network-based threats at the enterprise perimeter.
• Monitor firewall logs, SIEM alerts, and network traffic flows to identify indicators of compromise, policy violations, and anomalous activity; escalate and respond to incidents per established DOE incident response procedures.
• Diagnose and resolve firewall-related connectivity, performance, and security issues across enterprise LAN/WAN environments, minimizing operational impact to mission-critical DOE systems.

Benefits

• Employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.