This is a mid-level firewall engineer position within the Vanguard contract, providing networking engineering support to multiple firewall and perimeter security systems and devices. The well qualified candidate will possess and apply remedial knowledge regarding perimeter security devices. The candidate must be capable of planning and leading the testing, implementation, and maintenance of perimeter security technologies and devices. The candidate must be capable of evaluating performance results, performing risk assessments, and recommending changes affecting perimeter security configuration/implementations. The position directly supports DoS on-site to provide perimeter security protection to over 80,000 customers globally.
The position may temporarily allow a rotation of remote & onsite work due to Covid-19. Position may be called back onsite at any time at the customer's request.
- Experience with cloud security solutions such as Cloud Access Security Brokers/Microsoft Cloud App Security solution (CASB/MCAS) including complex deployment with multi-cloud, onboarding a variety of cloud applications, configuring CASB policies, and troubleshooting issues with cloud applications and CASB.
- Lead onboarding and migration of cloud applications to (CASB/MCAS) solution. Provide Tier 3 support for issues with cloud security solutions such as CASB/MCAS.
- Build, design, test and deploy perimeter security systems.
- Directs compilation of records and reports concerning perimeter operations and maintenance to analyze the performance of perimeter security systems.
- Provides input to the problem management process, including assessing and evaluating software and hardware anomalies. Supports the root cause analysis efforts to determine problems and develop remediation activities. Interfaces with vendor support service groups to ensure proper support during outages or periods of degraded system performance.
- Manages the transition to operations of perimeter security devices.
- Collaborate with Cross-Bureaus and Agencies to implement network changes as it relates to perimeter security
- Supports the configuration testing of replacement perimeter devices
- Plans, documents, and implements hardware and software build and refresh
- Create and Maintain standard operating procedures and guides for new and/or existing perimeter hardware and software.
- Attend weekly teleconferences, onsite meetings, and participates in working groups, as related to constant changing security environment.
Required Education, Experience, & Skills
- Bachelors and three (3) years or more experience; Additional training and experience may be substituted in lieu of a degree.
- IT network engineering support experience (Tier II, Tier III, network infrastructure implementation and maintenance)
- Strong experience in one or more of the following security devices: Palo Alto firewalls, Panorama management console, McAfee/Forcepoint StoneGate, A10 Encrypted Traffic Inspection/Application Delivery, and Cisco ESA & ASA
- Experience supporting the configuration and maintenance of Firewall/DMZ infrastructure including Network and Application Firewall Packet Filtering technologies (Palo Alto, McAfee/Forcepoint Stonegate)
- Firsthand experience in developing and providing quality assurance review of engineering change orders relating to the replacement or enhancement of perimeter security hardware and software
- Experienced with performing root cause analysis, risk identification, and risk mitigation
- Knowledgeable with configuring Cisco switches
- Experienced with network monitoring devices such as HP Openview, Nagios, Zenoss, NeuralStar or other similar monitoring tools
- Must be able to obtain an Interim Secret Clearance to start work with the eligibility to obtain a Top Secret Clearance.
Desired Education, Certifications, & Skills
- Experience developing and configuring SSL encryption/decryption solutions for traffic inspection
- Experience with Red Hat Linux/CentOS and Ubuntu including administration scripting is a plus
- ITIL ® Foundation certification
- Certifications: Palo Alto Networks Certified Network Security Engineer (PCNSE), A10 Certification/Accreditation, StoneGate Firewall/VPN Architect Certification, StoneGate Management Client (SMC) Certification, Microsoft Certified Professional (MCP), Network+, Security+
- Familiarity with DoS environment (data and voice networks, IT security systems, policies and procedures), Foreign Affairs Handbooks (FAHs), Foreign Affairs Manuals (FAMs)
- Interpersonal skills including the ability to collaborate effectively, self-awareness, and excellent written and oral communications.
SAIC is a premier technology integrator solving our nation's modernization and readiness challenges. Our offerings across defense, space, civilian, and intelligence markets include high-end solutions in engineering, IT, and mission outcomes. We integrate the best components from our portfolio with our partner's ecosystem to deliver innovative and effective solutions. We are 25,500 strong; driven by mission, united by purpose, and inspired by opportunities. Headquartered in Reston, VA, SAIC has annual revenues of nearly $7.1 billion. For information, visit saic.com or Working at SAIC for benefits details. SAIC is an Equal Opportunity Employer empowering people no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status. We strive to create a diverse, inclusive and respectful work culture that values all.