Tier III Network Security Engineer (IPSec) - By Light Professional IT Services LLC

Overview:

By Light is hiring a Tier III Network Security Engineer (IPSec) to join our team. Key elements of this position include: Conducting analysis and assessments on new emerging technologies; developing and recommending functional design solutions to meet stakeholder requirements; providing Tier III support to the Joint Network Operations Center (JNOC); developing, engineering, and recommending hardware and software solutions; and conducting cybersecurity mitigations on design solutions to comply with Risk Management Framework (RMF) cybersecurity requirements.

Responsibilities:

• Provide firewall, routing and switching support with hands on experience designing, testing, and implementing IGP, EGP, MPLS, VRF, and NFV/Service Chaining on an enterprise network to meet security, performance, operational, and functional requirements.
• Ensure proper routing protocols are being applied to optimize the end-to-end network performance from the LAN, through a WAN, to a CAN, to a SAN, or a data center.
• Assist the government with identifying any derived design objectives, technical specifications, performance requirements, and interoperability specifications to ensure the system design will meet stakeholder end-to-end requirements.
• Develop, review, and update briefings, papers, or spreadsheets in support of this task.
• Develop and implement firewall/router access rules, NAT policies, VPN technology, 802.1x, and radius protocols within the JCSE enterprise.
• Develop, implement, and support the overall network security architecture on the JCSE enterprise.
• Support development and test of equipment including monitoring server/hardware usage and up-time.
• Provide direction in complex problem-solving situations and participate in direct interaction with internal staff as required.
• Identify process improvement opportunities achievable through the optimum use of the servers. Design, implement and maintain a consistent backup and disaster recovery plan.
• Perform vulnerability and risk analyses of security hardware and applications during all phases of the system development life cycle.
• Collaborate with operations, QA, and third-party data centers to provide technical direction on network topologies, server configurations, hardware/software deployments, firewall configurations and other administrative tasks related to the staging and maintenance of company development, testing and production server and network stacks.

Required Experience/Qualifications:

• Current DoD 8570 IAT Level II certification (CompTIA Security+ce, CCNA Security, CySA+, etc.)
• CCNP Security or CASP Certification Required
• This position requires the candidate have a strong understanding of VPN technologies, IPSec, RA/CA process and authorities.

Special Requirements/Security Clearance:

• Minimum Secret clearance