Job ID: 201861
Location: SPRINGFIELD, VA, United States
Date Posted: Feb 4, 2020
Subcategory: Cyber Eng/Archt
Shift: Day Job
Minimum Clearance Required: Secret
Clearance Level Must Be Able to Obtain: Top Secret
Potential for Teleworking: No
Job Title: Senior/SME Firewall Engineer
Security Clearance: Top Secret (Minimum SECRET to start and eligible for TS)
This is a Senior/SME position for the Firewall security engineering team within the Vanguard Perimeter Security Division (PSD), providing firewall/engineering leadership over multiple firewall and perimeter security systems and devices. The well qualified candidate must be capable of evaluating performance results, performing risk assessments, and recommending changes impacting the perimeter security team. The candidate must be capable of planning and leading engineering activities to include the testing, implementation, and maintenance of perimeter security technologies and devices and must be capable of communicating and coordinating all firewall related work to the Firewall Manager to include the Government customer. The position directly supports DoS on-site to provide perimeter security protection to over 100,000 customers globally.
Works directly with the DoS Perimeter Security customer to build, design, test and deploy perimeter security (Firewall) solutions.
Develop and deploy perimeter security solutions utilizing multi-vendor firewalls, email security, IPS/IDS, SSL/TLS decryption, DMZs, and virtualization/zones for on premise and cloud based services.
Collaborate with technical SMEs on Enterprise wide solutions, participate in technical working groups, and contribute to technical advisory boards.
Supports the compilation of records and reports concerning perimeter operations and maintenance to analyze the performance of perimeter security systems.
Provides input to the problem management process, including assessing and evaluating software and hardware anomalies. Supports the root cause analysis efforts to determine problems and develop remediation activities. Interfaces with vendor support service groups to ensure proper support during outages or periods of degraded system performance.
Supports the transition to operations of perimeter security devices.
Collaborate with Cross-Bureaus and Agencies to implement network changes as it relates to perimeter security
Supports the configuration testing of replacement perimeter devices
Plans, documents, and implements hardware and software build and refresh
Create and Maintain standard operating procedures and guides for new and/or existing perimeter hardware and software.
Address Tier III escalation issues
Attend weekly teleconferences, onsite meetings, and participates in working groups, as related to constant changing security environment.
Bachelor degree in a computer science/computer engineering related discipline
10+ years IT security/network engineering support experience (Tier II, Tier III, network infrastructure implementation and maintenance)
Experience working directly with Government customer
Expert experience in one or more of the following security devices: Palo Alto firewalls, Panorama management console, Forcepoint/StoneGate firewalls, A10 Encrypted Traffic Inspection/Application Delivery, and Cisco ESA & ASA
Experience developing and configuring SSL/TLS encryption/decryption solutions for traffic inspection
Experience supporting the configuration and maintenance of Firewall/DMZ infrastructure including Network and Application Firewall Packet Filtering technologies (Palo Alto, Forcepoint/Stonegate)
Firsthand experience in developing and providing quality assurance review of Engineering change orders relating to the replacement or enhancement of perimeter security hardware and software
Experienced with performing root cause analysis, risk identification, and risk mitigation
Knowledgeable with configuring Cisco switches
Strong understanding of routing/switching technologies, IP addressing/subnetting, and network traffic analysis/troubleshooting
Experience with network monitoring devices such as HP Openview, Nagios, Zenoss, NeuralStar or other similar monitoring tools
Candidate must be a US Citizen and possess a US “TOP SECRET” security clearance, Secret clearance with upgrade to Top Secret is acceptable.
Bachelor Degree plus relevant work experience
ITIL ® Foundation certification
Certifications: Palo Alto Networks Certified Network Security Engineer (PCNSE), A10 Certification/Accreditation, StoneGate Firewall/VPN Architect Certification, StoneGate Management Client (SMC) Certification, Microsoft Certified Professional (MCP), Network+, Security+, CISSP
Familiarity with DoS environment (data and voice networks, IT security systems, policies and procedures), Foreign Affairs Handbooks (FAHs), Foreign Affairs Manuals (FAMs)
Experience with Red Hat Linux/CentOS and Ubuntu including administration scripting is a plus
SAIC is a premier technology integrator, solving our nation's most complex modernization and systems engineering challenges across the defense, space, federal civilian, and intelligence markets. Our robust portfolio of offerings includes high-end solutions in systems engineering and integration; enterprise IT, including cloud services; cyber; software; advanced analytics and simulation; and training. We are a team of 23,000 strong driven by mission, united purpose, and inspired by opportunity. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $6.5 billion. For more information, visit saic.com. For information on the benefits SAIC offers, see Working at SAIC. EOE AA M/F/Vet/Disability