Network Security Engineer III (25 - 393) E4 / Cos - 83

Network Security Engineer III

Candidates must hold an active Secret Security Clearance or higher and be able to work onsite to be considered.

Must have a Bachelor of Science Degree with 5 or more years of experience or a Master of Science Degree with 3 years of experience. Degrees must be in a relevant field of study.

Must have an IAT Level II (8570) Compliant Certification such as Security+ CE, CASP+CE, GSEC, SSCP, CND, GICSP, etc.

Must have an active Secret Clearance.

Must be able to travel to alternate work locations, such as Schriever Space Force Base, to execute job duties such as deployments.

Must understand the OSI Model, TCP/IP, VLANs, UDP Multicast.

Must have firewall configuration knowledge such as Juniper, Cisco, Palo Alto.

Must have knowledge of ACL design and function.

Must have hands on experience with multi-vendor switching/routing (Juniper, Cisco).

Must be an effective communicator with excellent writing and presentation skills using Microsoft PowerPoint and Visio drawing tools.

Must be able to design security configurations and testing procedures.

Must be familiar with NIST CVE framework.

Must have experience with virtualization.

Must be able to work collaboratively in a team environment with other highly motivated network and system engineers.

Intermediate knowledge of security design, development, and testing methodologies.

Experienced in application of standard DOD security practices such as, STIG compliance and system accreditation implementation efforts.

Able to thoroughly document project design and development efforts.

Able to collaborate with other departments to explain network security requirements and compliance.

Able to learn security hardening basics for a wide range of niche products, software and applications.

Able to summarize, brief, and recommend solutions to security issues to leadership.

Understand basics of VMware and ESXi STIGing/Hardening.

Must know about STIG Compliance and POAMS.

# years required 3-5+

Scripting knowledge Python, Ansible, PowerShell (Desired)

Solid understanding of JUNOS (Desired)

Prior C2BMC experience (Desired)

Role Description: In this role the candidate will be responsible for providing technical support for the assessment of compliance of information systems with DoD RMF standards (review, verify and validate required DoD IA RMF documentations and artifacts using DoDI 8510.01/DoD Risk Management Framework). Candidate must have proven experience in developing Cyber-secure Network device configurations (Firewalls, switches, routers).

Responsibilities: Candidate will be a primary Network Security Engineer supporting the C2BMC Program. Candidate will be responsible for planning, deploying, integrating, and testing upgrades to the C2BMC network to operational sites. Candidate will be required to conduct research on different networking and security related topics independently and produce reports on findings. Candidate will be required to make sure that the teams' devices are STIGs and hardened appropriately. Along with running all Cyber protocols needed.