Senior Network Engineer

About The Position

Requirements

• Minimum of eight (8) years of overall professional experience in Information Technology, Endpoint Engineering, or Cybersecurity, with at least six (6) years explicitly performing higher-level network engineering duties (Tier 3/advisory functions rather than routine help desk execution) inside large enterprise environments.
• Demonstrated experience translating formal security architecture requirements under NIST SP 800-53 (specifically Access Control, Configuration Management, System and Communications Protection, and Audit and Accountability families) and the NIST Risk Management Framework (RMF) into actionable engineering designs.
• Proven history of operating under structured, multi-team change advisory boards, producing complete audit readiness documentation, and evaluating emerging threat intelligence vector inputs to proactively adjust configurations.
• Must be eligible for and successfully pass a Public Trust Tier 2 background check and fingerprinting process conducted through the U.S. Capitol Police.
• Must hold active, advanced professional or expert-level network infrastructure or security credentials (e.g., Cisco professional/expert tracks or validated equivalents).
• These exact credentials (or equivalent historical iterations) must have been maintained and continuously applied in a professional capacity for a minimum of five (5) consecutive years. Expired certifications or those never utilized professionally will be disqualified.

Responsibilities

• Implement and maintain enterprise network security controls precisely aligned with federal standards, mapping directly to the Access Control (AC), Configuration Management (CM), System and Communications Protection (SC), and Audit and Accountability (AU) control families.
• Engineer and enforce strict Zero Trust network architecture principles in accordance with NIST SP 800-207, establishing continuous verification of all users and devices regardless of location.
• Design, establish, and maintain advanced network segmentation and micro-segmentation strategies to restrict lateral movement across all network layers and insulate high-value assets and sensitive computing environments.
• Design and implement identity-aware network access controls, ensuring granular, role-based access management across the infrastructure estate.
• Deploy and manage 802.1X port-based network access control to strictly prevent unauthorized device connectivity and enforce robust authentication at the physical and wireless network edge.
• Configure and maintain centralized logging and audit capabilities for all distributed network devices, ensuring all log traffic is securely forwarded to enterprise SIEM platforms and retained in compliance with federal mandates.
• Conduct continuous, real-time monitoring and technical vulnerability assessments of the network infrastructure to actively identify risks and coordinate remediation paths in strict alignment with the NIST Risk Management Framework (RMF).
• Harden all enterprise network devices using strict configuration baselines (e.g., Cisco Secure Configuration Guides), ensuring the disabling of unnecessary services, enforcement of strong encryption protocols, and lockdown of management interfaces.
• Secure public-facing and perimeter network assets by implementing and optimizing rigorous ingress/egress filtering, firewall rule architectures, and multi-factor authentication (MFA) for all administrative and privileged access.
• Directly support incident response activities by providing expert network-level analysis, rapid containment actions (such as localized segmentation or blocking malicious traffic), and forensic data collection.
• Ensure all configuration and hardware modifications follow formal change control processes backed by a pre-execution security impact analysis to maintain compliance with NIST configuration management regulations.
• Lead or participate in security assessments, audits, and formal compliance reviews by compiling, defending, and providing technical evidence, architecture documentation, and engineering remediation support.
• Continuously evaluate, validate, and enhance the overall network security posture through the strategic adoption of emerging industry best practices, threat intelligence streams, and Cisco security innovations.
• Develop, implement, and maintain comprehensive Network Standard Operating Procedures (SOPs), conducting mandatory reviews and updates on at least an annual basis to reflect evolving technical and policy landscapes.
• Document and maintain highly detailed hardware and configuration baselines for all network devices-including Cisco switches, routers, firewalls, and related infrastructure-backed by formal annual reviews.
• Perform rigorous root cause analysis for all network incidents, including performance degradation, unexpected outages, and security events, fully documenting findings to implement corrective and preventive actions.
• Establish, implement, and maintain automated network patch management and firmware update procedures in complete alignment with Cisco best practices and organizational security policies.
• Develop, maintain, and update highly comprehensive network diagrams that accurately reflect the CBO enterprise network architecture across cloud, production, and secure environments, executing updates annually or dynamically as changes occur.
• Administer, optimize, and troubleshoot enterprise DNS services, maintaining configuration changes, performance tuning, and prompt issue resolution.
• Support continuous, real-time monitoring of network infrastructure (24/7 operations) through the deep integration of network management platforms and security monitoring tools.
• Maintain accurate, up-to-date documentation of network configurations, physical assets, and operational procedures to ensure permanent audit readiness and operational continuity.

Benefits

• ESOP
• 401(k) matching
• Medical, Dental, Vision insurance
• Professional Development
• Disability Insurance
• Health Savings Account
• Flexible Spending Account
• Paid Holidays
• PTO