Network Event Sensor (NES) Tools Engineer - U.S. Citizenship Required

CGI•Fairfax, VA

18d•Hybrid

About The Position

CGI Federal has an exciting opportunity for a Network Detection and Response (NDR) Tools Engineer on the CDM DEFEND program. In this role, you will play a key part in strengthening the network security posture of government agencies by implementing and managing NDR capabilities within a shared services platform. You will be responsible for deploying, configuring, implementing, and maintaining Corelight and ExtraHop in a cloud-hosted environment to protect agency networks and data, while meeting each agency’s technical requirements. This position involves close collaboration with agency teams to ensure robust security measures are in place and effectively managed. This position is located in one of CGI Federal's offices in Fairfax, VA or Lafayette, LA; however, a hybrid working model is acceptable. You will be required to work in a CGI Federal office two days per week.

Requirements

Due to the nature of the contract requirements, U.S. citizenship and successful completion of the CGI background check are required prior to beginning work. In addition, candidates must be able to obtain and maintain a DHS EOD/Public Trust clearance.
Bachelor’s degree and a minimum of 2 years of experience as a Network or System Administrator, including deploying, configuring, integrating, and supporting NDR systems.
Understanding of NDR concepts, with hands-on experience deploying, configuring, and implementing NDR tools such as Corelight and ExtraHop.
Ability to work collaboratively with team members and cross-functional groups, manage competing priorities, and maintain a strong customer focus.

Nice To Haves

Security-related certifications such as CISSP, CISM, CISA, Security+, or CEH.
General understanding or experience with Managed Services and Agile processes.
Familiarity with, or direct experience in, the DHS Continuous Diagnostics and Mitigation (CDM) Program.
Strong knowledge of ITIL and experience in security administration, including authentication and certificate systems.

Responsibilities

Deploy, configure, and maintain NDR tools, including ExtraHop and Corelight, in a secure cloud environment.
Collaborate with service delivery teams to tailor tool configurations for tenant agencies.
Work with cross-functional teams—including network engineers, security analysts, and developers—to integrate security solutions into the overall IT infrastructure.
Identify configuration items for network sensors and protect network resources using commercial NDR tools.
Provide network engineering support for NDR tool integration with other applications, including Okta for access management.
Diagnose and resolve complex technical issues related to network security using tools such as Wireshark and TCPDump.
Use applications like Terraform to automate the deployment of security policies to sub-tenants from a master tenant.
Create and maintain comprehensive documentation for various audiences (Engineers, Operations, Agencies), covering deployment, configuration, operations, and user guides.
Engage with NDR tool vendors for upgrades, support, product updates, and facilitate periodic Technical Exchange Meetings (TEMs).
Support incident response activities and implement monitoring solutions to detect and respond to potential security threats.
Integrate alerts from NDR tools into an Elastic dashboard.
Configure and log data from NDR tools into selected Security Data Lakes and/or Security Information and Event Management (SIEM) tools.