Senior Firewall Engineer

About The Position

Requirements

• TS/SCI
• Sec+

Responsibilities

• Designs, implements, and maintains Cisco and Palo Alto firewall systems to secure networks and data, ensuring they are protected against unauthorized access and cyber threats.
• Develops and implements firewall rules and policies to protect network assets.
• Designs and implements network security solutions, including firewalls, VPNs, and other security technologies.
• Monitors and analyzes network traffic for security threats and vulnerabilities.
• Troubleshoot and resolve firewall-related issues and network connectivity problems.
• Maintains and updates firewall software and hardware.
• Responds to security incidents and alerts.
• Collaborates with security teams to improve security posture.
• Stays up-to-date with the latest security threats and vulnerabilities.
• Documents firewall configurations, procedures, and security policies.
• Communicates security issues and recommendations to stakeholders.
• Provides mentoring and guidance to junior team members.
• Provides network solution engineering efforts to plan, design, configure, troubleshoot, implement, enhance, optimize and secure DCSA’s infrastructure of non-virtual and virtual systems in enclaves and data centers, regional field offices, field offices, and the Amazon Web Service (AWS) Govcloud environments, as part of the overall strategic objective of the DCSA IT modernization and One IT initiatives to provide a flexible enterprise IT environment to support the DCSA mission IAW with DCSA and DoD policies and procedures and commonly utilized industry best practices.
• Supports translation of strategic goals, commitments, requirements, risks, and objectives into plans, tasks, and activities for solutions and alternatives, from a network perspective.
• Researches, maintains, and applies expertise in emerging technologies, and industry developments, trends, best practices, and principles of network engineering.
• Develops and designs load balancing and engineering capability assessments.
• Provides and implements capacity-planning solutions.
• Directs or performs integration and testing of all items to ensure security and operability before deployment. Implements operational design standards and establishes appropriate interfaces that best fulfill interoperability and mission requirements, designing, recommending, and engineering configuration of all network and communication equipment, facilities, and services, specifically including router/switch configurations, Internet Protocol (IP) addresses, Regional Internet Access Points (RIAPs), Virtual Private Networks, gateway servers, and related services, in a manner to ensure most efficient flow of data and highest security, coordinating all solutions with Cyber Security Defense Operations.
• Plans and oversees execution of network installations of system hardware and software upgrades.
• Plans and executes backups and recovery operations.
• Directs, executes, or supports compilation, implementation, maintenance and archiving of network records, documentation, and artifacts, such as specifications, topologies, diagrams, and policies; network blueprints and design documents; network data flow diagrams; Access Control Lists (ACLs); network management trend analysis reports; accreditations; network provisioned gear and change control documentation.
• Provide inputs into the Activity Report.