Senior Network Engineer (Security) (TS)

About The Position

Requirements

• Active Top Secret/SCI clearance required.
• CISSP (or CCNP Security + CASP+) certification.
• Platform-specific certification (e.g., Palo Alto, Cisco, or equivalent).
• Strong understanding of Palo Alto Networks PA‑5000 series next‑generation firewall platforms.
• Strong understanding of Cisco ASA firewall technologies.
• Strong understanding of VPN design and management (IPsec, SSL/TLS, DMVPN).
• Strong understanding of Intrusion Prevention Systems (IPS).
• Strong understanding of Network Access Control (NAC) technologies.
• Strong understanding of security zoning, segmentation, micro‑segmentation, and zero‑trust principles.
• Strong understanding of secure routing, switching, and firewall policy design.
• Strong understanding of network monitoring, packet capture, and threat detection tools.

Nice To Haves

• CCNP Security certification.
• GCIH or GCIA certification.
• CySA+ certification.
• CCIE Security certification.
• GIAC advanced certifications (e.g., GCIA, GWAPT).
• CCSP certification.
• Experience designing enterprise network security architectures in DoD or IC environments.
• Experience implementing segmentation in hybrid or multi-site mission networks.
• Experience performing threat analysis, incident response, or vulnerability mitigation for network infrastructure.
• Experience supporting enterprise security toolsets, SIEM, and intrusion-detection platforms.
• Experience working with STIGs, SRGs, compliance frameworks, and accreditation processes.

Responsibilities

• Serve as the Subject Matter Expert (SME) for network security infrastructure across mission systems.
• Design, deploy, configure, and maintain enterprise firewalls, IPS, NAC, VPNs, and segmentation technologies.
• Engineer secure network architectures that protect the perimeter and internal network segments from advanced threats.
• Administer and maintain Palo Alto Networks next‑generation firewalls (PA‑5000 series) and Cisco Adaptive Security Appliance (ASA) platforms.
• Manage site‑to‑site and remote‑access VPN solutions, including security policy enforcement and identity-based access controls.
• Analyze security logs, events, and packet data to detect and respond to threats.
• Support zero-trust initiatives, access segmentation, and least-privilege network design.
• Develop, implement, and maintain security baselines and configuration standards.
• Provide Tier III operational support and perform root cause analysis for complex network security issues.
• Collaborate with cybersecurity teams to ensure compliance with DoD security frameworks, STIGs, and enterprise policies.
• Document configurations, changes, engineering updates, and architectural decisions.

Benefits

• Health insurance
• Dental insurance
• Vision insurance
• 401K with company matching
• Flexible spending accounts
• Paid holidays
• Three weeks paid time off