Network Security Engineer SME

Title: Network Security Engineer SME

Location: Remote

Duration: Long Term

Clearance: Top Secret

The Network Security Engineer (SME) shall be responsible for the following:

Add and manage nodes in Splunk and Riverbed for monitoring purposes.

Update monitoring tools using Ansible.

Interact successfully with both program leads and DOJ partners to ensure objectives are completed on-time.

Manage information technology security, including backups, firewalls, and routers.

Provide guidance for design and management of information systems security policy, implementation, and management for a globally distribute MPLS infrastructure.

Provide network security management and support windows servers.

Resolve routing and Network Address Translation (NAT) issues utilizing tcpdump and other tools

Perform system upgrades and implement any new security policies per agency guidance and policy.

Key contributions include trouble shooting of complex LAN/WAN infrastructure that include routing protocols BGP, EIGRP and Open Shortest Path First (OSPF), VPNs, web proxy, and XML gateway for enterprise web services.

Work on different networking concepts and routing protocols like BGP, EIGRP, dynamic multipoint virtual private network (DMVPN) and other LAN/WAN technologies.

Recommends enterprise information assurance and security standards.

Develops and implements information assurance/security standards and procedures.

Coordinates, develops, and evaluates security programs for an organization. Recommends information assurance/security solutions to support customers' requirements.

Identifies, reports, and resolves security violations.

Establishes and satisfies information assurance and security requirements based upon the analysis of user, policy, regulatory, and resource demands.

Supports customers at the highest levels in the development and implementation of doctrine and policies.

Performs a variety of system engineering tasks and activities that are broad in nature and are concerned with major systems design, integration, and implementation, including personnel, hardware, software, budgetary, support facilities and/or equipment.

Applies know-how to government and commercial common user systems, as well as to dedicated special purpose systems requiring specialized security features and procedures.

Performs analysis, design, and development of security features for system architectures.

Analyzes and defines security requirements for computer systems which may include mainframes, workstations, and personal computers.

Designs, develops, engineers, and implements solutions that meet security requirements.

Provides integration and implementation of the computer system security solution.

Analyzes complex information assurance-related technical problems and provides multifaceted engineering and technical support in solving these problems.

Performs vulnerability/risk analyses of computer systems and applications during all phases of the system development life cycle.

Ensures that all information systems are functional and secure.

Perform system security tuning, security monitoring, general and privileged user account management, and reviewing all COTS software products upgrades and patches, including operating systems.

Monitors and performs script writing, storage management interfaces, network interfaces, external peripheral interfaces, and others systems interfacing.

Design and execute security system tests.

Shall support all systems/services certification and Accreditation activities.

The Network Security Engineer (SME) shall possess the following qualifications:

Five years of total experience with two years of current experience in supporting and

troubleshooting various computing devices and operating systems.

Strong technical background, CompTIA A+ certified preferred.

Proficiency in both networking and cybersecurity technologies and protocols.

Experience in managing and troubleshooting Linux or Unix base operating systems.

Experience with Application Layer Gateway (ALG) [Real-time Transport Protocol (RTP), Real-Time Streaming Protocol (RTSP) and File Transfer Protocol (FTP), Domain Name System (DNS), Hypertext Transfer Protocol (HTTP)], Dynamic Host Configuration Protocol (DHCP).

CompTIA Security+ certified, CompTIA Advanced Security Practitioner (CASP+) certified or Cisco Certified Cybersecurity Professional (CCCP) preferred.

Experience working in an Agile organization using Scrum, XP, Kanban, and SAFe.

Bachelor's degree in computer science, information systems, engineering, or a related field is preferred.