Network Security Engineer

Our client, a large public sector organization, is seeking a Network Security Engineer for a hybrid (3 days per week onsite in Brooklyn) contract position. You can onboard as our W2 employee or independent contractor. This is a 2 year contract position.

Project Background:

The Network Security Engineer will play a key role in supporting the modernization of the data center infrastructure, enhancing security operations, and supporting high-priority applications. This role is essential to protecting the organization's hybrid cloud environment and ensuring network resiliency and security.

This individual must have strong hands-on experience with Cisco ASA/Firepower firewalls, F5 load balancers, and hybrid cloud environments (Azure/AWS). The engineer will provide expert-level troubleshooting, configuration, and support for data center and enterprise network security operations.

Key Responsibilities:

• Collaborate with IT Security teams and NYC Cyber Command to address and remediate vulnerabilities.
• Use tools such as Splunk to correlate incident data, identify vulnerabilities, and recommend timely remediation steps.
• Implement, upgrade, and monitor security controls for networks, systems, and information.
• Troubleshoot complex network issues; make recommendations for improvements and contribute to network design and planning.
• Design, configure, and support Cisco ASA and Firepower firewalls (FMC/FTD/FXOS), including AnyConnect VPN and various tunnel protocols.
• Collaborate with application teams to design and implement load balancing solutions (F5, Avi Networks/NSX).
• Configure Cisco Identity Services Engine (ISE) for access control.
• Manage firewall configurations in hybrid cloud environments (Azure, AWS).
• Coordinate with vendors to resolve network outages and meet service level targets.
• Use packet-level analysis tools (Wireshark, tcpdump, Netscout) for security monitoring and traffic troubleshooting.
• Create and maintain documentation, SOPs, and network diagrams using Visio or Lucidchart.
• Work with security teams on Zscaler policy administration and reporting.
  
  
  

Mandatory Minimum Qualifications:

• 5 years of experience in network security using Cisco ASA and Firepower technologies.
• 5 years of experience with F5 load balancing solutions (LTM, GTM, BIG-IQ).
• 5 years of packet analysis for troubleshooting and monitoring.
• 5 years configuring and troubleshooting Cisco routers and L2/L3 switches.
• 5 years of experience with routing protocols including BGP, OSPF, and EIGRP.
  
  
  

Preferred Qualifications:

• Prior experience in education-related projects or government agencies.
• Relevant certifications (e.g., Cisco CCNA/CCNP, CompTIA Security ).
• Experience with VMware NSX and NSX Advanced Load Balancer.
• Familiarity with Splunk SIEM and SPL scripting.
• Experience with Azure/AWS infrastructure and ExpressRoute.
• Familiarity with Zscaler policy management.
• Strong communication skills, both verbal and written.
• Highly organized, detail-oriented, and self-directed.
  
  
  

Flexible work from home options available.