Senior Network Engineer

Technica Corporation•Sterling, VA

6h•Hybrid

About The Position

Technica is looking for a Senior Network Engineer to support the design, implementation, integration, hardening, testing, and documentation, and operational transition of network and infrastructure security solutions. The engineer will serve as a hands-on technical resource, implementing secure connectivity, VPN services, network segmentation, Zero Trust-aligned access controls, Palo Alto firewall capabilities, Azure and GCC High-aligned network security, manufacturing isolation, customer-site connectivity, logging integration, and site implementation support. The Network Engineer will work as part of an integrated team spanning cybersecurity, cloud, endpoint, SOC/SIEM, compliance, and manufacturing protection, supporting commercial, CUI, restricted manufacturing, vault, customer-site, and future federal-site operating environments. The role requires practical network engineering experience, strong security implementation skills, familiarity with regulated environments, and the ability to produce maintainable, well-documented configurations suitable for sustainment, audit readiness, and transition to managed operations.

Requirements

Bachelor’s degree in a technical-related field, or an equivalent combination of education and/or experience in a related field
Minimum of 12 years’ related experience
Experience designing secure network architectures for Microsoft GCC High, regulated Microsoft cloud environments, or FedRAMP-aligned cloud services.
Experience with Palo Alto virtual firewalls in Azure or hybrid-cloud environments.
Experience supporting VDI, secure remote administration, privileged access pathways, and restricted data access environments.
Experience with network automation, infrastructure-as-code, configuration backup, or repeatable site deployment templates.
Familiarization with DoD implementations, including cybersecurity standards, risk management framework, Security Technical Implementation Guides (STIGs), DoD PKI and certificate frameworks, and ATO.

Nice To Haves

Experience supporting CMMC Level 2, NIST SP 800-171, Defense Industrial Base, aerospace, manufacturing, CUI, ITAR, or export-controlled environments.
Additional certifications such as Security+, Network+, CCNA, CCNP, CISSP, CCSP, or Azure Network Engineer Associate.
Strong oral and written communication skills

Responsibilities

Lead the engineering, design refinement, implementation, qualification testing, and technical deployment of a modernized wired network infrastructure.
Design and implement secure network connectivity across corporate, CUI, customer-site, Azure-hosted, GCC High-aligned, and future manufacturing locations.
Support VPN architecture, configuration, testing, and sustainment for user remote access, site-to-site connectivity, customer-site access, and future manufacturing site deployments.
Implement network segmentation controls that separate commercial, CUI, restricted manufacturing, vault, administrative, VDI, ERP, partner/customer, and security monitoring environments.
Support Zero Trust network architecture and policy design by enforcing least-privilege access, deny-by-default traffic patterns, controlled administrative pathways, and documented business-approved data flows.
Configure and support Palo Alto virtual firewalls in commercial Azure and GCC High-aligned environments, including firewall policies, security profiles, NAT, routing, VPN, management access, logging profiles, and rule documentation.
Develop and maintain firewall rule sets that are traceable to business requirements, system owners, approved traffic flows, risk decisions, and change control records.
Support secure remote access patterns for employees, administrators, engineering users, CUI users, and approved customer-site personnel.
Coordinate with identity, endpoint, and Microsoft cloud teams to ensure network access policies align with MFA, Conditional Access, device compliance, role-based access, VDI, and user authorization requirements.
Support user isolation through dedicated network zones, restricted access paths, secure administrative access, and approved data exchange patterns.
Support network access control planning and implementation, including device authorization assumptions, remote access restrictions, segmentation enforcement, and visibility into connected assets.
Implement secure site connectivity for operational locations.
Coordinate with Microsoft Sentinel/SOC/SIEM teams to forward firewall, VPN, network device, remote access, administrative, and threat telemetry into centralized logging and monitoring workflows.
Develop network logging and telemetry handoff documentation, including log source inventory, event types, forwarding methods, validation steps, and monitoring use cases.
Support incident response and operational troubleshooting for VPN failures, firewall policy issues, site connectivity problems, suspicious network events, remote access anomalies, and segmentation violations.
Participate in vulnerability remediation coordination for network devices, firewalls, VPN components, firmware, virtual appliances, and Azure network security components.
Develop and maintain network architecture diagrams, firewall policy documentation, VPN design documents, segmentation matrices, traffic flow diagrams, as-built configurations, test results, and administrator runbooks.
Support CMMC/NIST SP 800-171 readiness by producing implementation evidence for network access control, system and communications protection, audit logging, configuration management, vulnerability remediation, and security assessment activities.
Work closely with the Program Management Office, security architect, cloud engineers, endpoint engineers, SOC/SIEM team, manufacturing stakeholders, compliance team, and system owners to meet schedule, security, and documentation objectives.