Senior Network Security Engineer (SDN / Multi-Enclave)

About The Position

Requirements

• Minimum of 12 years of experience as a Network Security Engineer (or related role) supporting DoD/IC programs, and a Bachelor’s in Computer Science, Cybersecurity Engineering, System Engineering, Network Engineering or related discipline. 4 years of additional experience may be accepted in lieu of a bachelor’s degree (for a total of 16 years of experience)
• 5+ years of experience demonstrating principles, theories, methods, and techniques of security software (IOS) and hardware across Juniper, FORE, and Cisco routers/switches
• Demonstrated experience in the installation and support of network telecommunications, with expert-level network security knowledge
• Hands-on knowledge and troubleshooting experience with: LAN/WAN, VLANs, VoIP Routing: RIP, OSPF, EIGRP Authentication: AAA/TACACS Security controls: Juniper/FORE/Cisco ACLs
• Experience implementing and troubleshooting secure network products such as VPNs and IDS/IPS (or equivalent)
• Demonstrated experience designing, implementing, securing, or operating Software Defined Networking solutions
• Demonstrated experience supporting security compliance (planning, assessment, audit support, evidence collection, control implementation/validation)
• An active/current Cisco Certified Network Associate (CCNA) certification is required for this role; additionally, you should have or have documented (over 50%) progress toward completion of a Cisco Certified Network Professional (CCNP) certification
• This position requires US Citizenship and an active/current TS/SCI w/ Polygraph.

Nice To Haves

• Experience supporting DoD/IC customers and multi-enclave/multi-domain architectures
• Experience with security engineering in regulated frameworks (e.g., RMF/ATO processes, control validation, POA&M support)
• Hands-on with SDN platforms/approaches (controller-based networking, overlays, micro segmentation, policy-as-code concepts)
• Experience with IDS/IPS tuning, VPN design at scale, and secure segmentation patterns in hybrid environments
• Ability to author high-quality technical documentation (design packages, CONOPs, SOPs, diagrams) and brief technical + non-technical stakeholders

Responsibilities

• Design, engineer, and validate secure network/systems solutions spanning multiple enclaves with varying security boundaries and classification levels
• Recommend and implement system-level security solutions to satisfy mission, compliance, and operational requirements
• Perform and support security planning, assessments, risk analysis, risk management, including documentation and briefing of risk decisions and mitigations
• Support our government customer in enforcing the design and implementation of trusted relationships among external systems and architectures (e.g., interconnections, cross-domain dependencies, boundary protections)
• Engineer and secure SDN-enabled architectures (i.e. controller/overlay models), ensuring segmentation, policy enforcement, and strong access control
• Install, configure, harden, troubleshoot, and support network telecommunications infrastructure and security capabilities
• Develop/maintain network security artifacts such as security design packages, interface control documentation, diagrams, and compliance evidence
• Conduct root-cause analysis of security or connectivity issues and implement corrective actions that preserve mission availability and security posture
• Provide technical guidance to teams and stakeholders; participate in design reviews, security reviews, and change control activities