Network Administrator III

About The Position

Requirements

• 5+ years of experience as a Network Engineer or Senior Network Operator in a DoD or similar high-security environment.
• Must possess an active DoD Secret or Top Secret security clearance.
• In-depth, hands-on experience with Palo Alto Firewalls (PAN-OS, Panorama).
• Advanced knowledge of Cisco Switching (Catalyst 9300 & 9400 series, StackWise Virtual, high availability).
• Proven experience deploying and managing Cisco ISE for 802.1x and NAC.
• Strong proficiency in managing campus mesh Cisco 9800 Wireless Controllers and associated Wi-Fi 6 access points.
• Basic knowledge of F5 BIG-IP load balancers (LTM).
• Comprehensive understanding and practical application of DoD STIGs for network devices.
• Basic scripting and automation skills with at least one of the following: Python, PowerShell, or Ansible.
• Must hold a DoD 8570 IAT Level II certification (e.g., CompTIA Security+ CE).

Nice To Haves

• Technical experience with managing and deploying Zero-Trust Architecture (ZTA) concepts.
• Hands-on experience with Cisco Software-Defined Access (SD-Access).
• Knowledge of VPN-less Network solutions and secure remote access technologies.
• Familiarity with Privileged Access Security/Management (PASM/PAM) solutions.
• Experience with IPv6 planning, implementation, and management.
• Experience using Elasticsearch (Elastic Stack) for log analysis and monitoring.
• Advanced industry certifications such as CCNA, CCNP Enterprise/Security, or Palo Alto Networks Certified Network Security Engineer (PCNSE).
• Experience with advanced network monitoring, logging, and analysis tools (e.g., SolarWinds, Splunk, Wireshark).
• Advanced scripting capabilities for complex network automation workflows.
• Bachelor's degree in a related technical field.

Responsibilities

• Administer, configure, and maintain Palo Alto firewalls, ensuring robust security policies and threat prevention.
• Manage and troubleshoot complex campus networks built on Cisco Catalyst 9300 stacked switches and 9400 series chassis.
• Implement and manage network access control (NAC) policies using Cisco Identity Services Engine (ISE).
• Oversee the configuration, deployment, and management of a large-scale wireless infrastructure using Cisco 9800 Wireless Controllers.
• Ensure all network devices are configured and maintained in strict compliance with DoD Security Technical Implementation Guides (STIGs) and Army cybersecurity directives.
• Conduct regular security audits, vulnerability assessments, and remediation activities in response to ACAS and CTO initiatives.
• Respond to and investigate cybersecurity incidents in coordination with the security operations team.
• Develop and maintain scripts using Python, PowerShell, or Ansible to automate routine network administration tasks, device configuration, and compliance checks. Experience with Linux Bash scripting is also preferred.
• Assist in the development of a network automation framework to improve operational efficiency.
• Monitor network performance, troubleshoot complex connectivity and performance issues, and ensure high availability of all network services.
• Maintain comprehensive and accurate documentation of network architecture, device configurations, and standard operating procedures (SOPs).
• Provide senior-level technical support and mentorship to junior team members.