Network Security Engineer SME

Tasks:

• Add and manage nodes in Splunk and Riverbed for monitoring purposes.
• Update monitoring tools using Ansible.
• Interact successfully with both program leads and DOJ partners to ensure objectives are completed on-time.
• Manage information technology security, including backups, firewalls, and routers.
• Provide guidance for design and management of information systems security policy, implementation, and management for a globally distribute MPLS infrastructure.
• Provide network security management and support windows servers.
• Resolve routing and Network Address Translation (NAT) issues utilizing tcpdump and other tools.
• Perform system upgrades and implement any new security policies per agency guidance and policy.
• Key contributions include trouble shooting of complex LAN/WAN infrastructure that include routing protocols BGP, EIGRP and Open Shortest Path First (OSPF), VPNs, web proxy, and XML gateway for enterprise web services.
• Work on different networking concepts and routing protocols like BGP, EIGRP, dynamic multipoint virtual private network (DMVPN) and other LAN/WAN technologies.
• Recommends enterprise information assurance and security standards.
• Develops and implements information assurance/security standards and procedures.
• Coordinates, develops, and evaluates security programs for an organization.
• Recommends information assurance/security solutions to support customers' requirements.
• Identifies, reports, and resolves security violations.
• Establishes and satisfies information assurance and security requirements based upon the analysis of user, policy, regulatory, and resource demands.
• Supports customers at the highest levels in the development and implementation of doctrine and policies.
• Performs a variety of system engineering tasks and activities that are broad in nature and are concerned with major systems design, integration, and implementation, including personnel, hardware, software, budgetary, support facilities and/or equipment.
• Applies know-how to government and commercial common user systems, as well as to dedicated special purpose systems requiring specialized security features and procedures.
• Performs analysis, design, and development of security features for system architectures.
• Analyzes and defines security requirements for computer systems which may include mainframes, workstations, and personal computers.
• Designs, develops, engineers, and implements solutions that meet security requirements.
• Provides integration and implementation of the computer system security solution.
• Analyzes complex information assurance-related technical problems and provides multifaceted engineering and technical support in solving these problems.
• Performs vulnerability/risk analyses of computer systems and applications during all phases of the system development life cycle.
• Ensures that all information systems are functional and secure.
• Perform system security tuning, security monitoring, general and privileged user account management, and reviewing all COTS software products upgrades and patches, including operating systems.
• Monitors and performs script writing, storage management interfaces, network interfaces, external peripheral interfaces, and others systems interfacing.
• Design and execute security system tests.
• Shall support all systems/services certification and Accreditation activities.

Required Qualifications:

Education:
Bachelor's degree in computer science, information systems, engineering, or a related field is preferred. CompTIA Security certification is equivalent to a bachelor's degree.

Experience:

• Six years of total experience with two years of current experience in supporting and troubleshooting various computing devices and operating systems.
• Education/experience substitution AA Degree and 8 years of experience or HS and 10 years of experience.
• Strong technical background
• Proficiency in both networking and cybersecurity technologies and protocols
• Experience in managing and troubleshooting Linux or Unix base operating systems
• Experience with Application Layer Gateway (ALG) [Real-time Transport Protocol (RTP), Real-Time Streaming Protocol (RTSP) and File Transfer Protocol (FTP), Domain Name System (DNS), Hypertext Transfer Protocol (HTTP)], Dynamic Host Configuration Protocol (DHCP)
• Experience working in an Agile organization using Scrum, XP, Kanban, and SAFe

Desired Qualification:

• CompTIA A certified
• CompTIA Security certified
• CompTIA Advanced Security Practitioner (CASP ) certified
• Cisco Certified Cybersecurity Professional (CCCP) preferred
• Active DOD Top Secret Clearance.