Govcio-posted about 16 hours ago
Full-time • Mid Level
Hybrid • Kearneysville, WV
1,001-5,000 employees

GovCIO is seeking an experienced Network Security Engineer (Senior) to provide critical support for our U.S. Coast Guard program. This position will be located in Kearneysville, WV and will be a hybrid remote position. The ideal candidate will specialize in designing, implementing, and maintaining our secure network infrastructure with a core focus on Zero Trust Architecture and Network Access Control (NAC). This role is critical for protecting high-value assets within large-scale U.S. Coast Guard enterprise environments, including NIPRNet, SIPRNet and DDIL. You will be a subject matter expert on Cisco ISE, and responsible for the full lifecycle of our C2C and 802.1x NAC solutions in a fast-paced, high-stakes environment.

  • Cisco ISE Administration and NAC Support: Configure, maintain, and optimize Cisco Identity Services Engine (ISE) for robust authentication, authorization and accounting (AAA)
  • Administer and maintain the full ISE deployment, including Policy Service Nodes (PSNs), Monitoring and Troubleshooting Nodes (MnTs) and the Primary Admin Node (PAN)
  • Implement and support 802.1X, MAB (MAC Authentication Bypass), posture assessment and advanced profiling for comprehensive endpoint security
  • Configure and manage Cisco ISE Guest Access, BYOD policies, and endpoint device profiling.
  • Perform routine ISE system updates, patches, and health checks to ensure optimal system stability and performance, including executing the node upgrade process
  • Monitor and analyze RADIUS, TACACS+, LDAP, and Active Directory authentication logs to ensure security compliance and troubleshoot performance issues
  • Expertly troubleshoot complex authentication failures, endpoint misclassifications, and network access issues
  • Network Security and Compliance Support: Ensure all Network Access Control (NAC) enforcement strictly aligns with DoD Comply to Connect (C2C) policies and DISA STIGs
  • Implement and support device posture validation, MSFT Defender, Tanium, dynamic ACL (dACL) provisioning, dynamic VLAN assignments and Security Group Tagging (SGT)
  • Collaborate with network and security teams to design and enforce Zero Trust security models and the principle of least privilege access
  • Assist in implementing and troubleshooting certificate-based authentication (TLS/SSL, OpenSSL operations and PKI infrastructure)
  • Conduct deep-dive traffic analysis using tools like Wireshark, TCPDump and SolarWinds to diagnose authentication issues and identify network anomalies
  • Firewall and Infrastructure Integration Support: Support the seamless integration of Cisco ISE with security and network platforms, including Cisco Firepower, ASR/ISR/CSR/ASA firewalls, VERSA and Palo Alto NGFWs
  • Assist in troubleshooting NAC-related network performance issues that affect LAN/WAN connectivity
  • Provide expert support for multi-VRF environments, ensuring proper NAC enforcement across complex and segmented network topologies
  • Bachelor’s degree in computer science, information systems or a related field with 8+ years (or commensurate experience).
  • 5+ years of dedicated experience in network security, NAC or related roles.
  • A minimum of 3+ years of direct, hands-on experience in Cisco ISE administration, NAC policy management and network authentication security.
  • Clearance Required: Must be cleared up to an active Secret clearance.
  • Current DoD 8570 IAT Level II certification (e.g., Security+ CE, CCNA Security, SSCP)
  • Deep expertise in Cisco ISE architecture, profiling, posture assessment and endpoint classification
  • Proficient with 802.1X, MAB, RADIUS, TACACS+, LDAP and Microsoft Active Directory integration
  • Hands-on experience with Cisco Switch CLI for configuration and troubleshooting
  • Strong understanding of certificate-based authentication (PKI, TLS/SSL, OpenSSL)
  • Framework & Tools Knowledge: Proven experience working within DoD cybersecurity compliance frameworks (e.g., DISA STIGs, NIST 800-53, IAVMs).
  • Familiarity with Cisco Firepower, ASA firewalls, and Palo Alto NGFWs.
  • Basic scripting knowledge (Python, Bash, or REST APIs) for automation and troubleshooting is a significant plus.
  • Employee Assistance Program (EAP)
  • Corporate Discounts
  • Learning & Development platform, to include certification preparation content
  • Training, Education and Certification Assistance
  • Referral Bonus Program
  • Internal Mobility Program
  • Pet Insurance
  • Flexible Work Environment