Senior Network Security Engineer locals to Albany, NY W2 role NO C2C

W2 role

Must be locals

5 days a week onsite

No agency or C2C will NOT be considered and Visa sponsorship is not available nor provided

Key Responsibilities

• Configure and troubleshoot VLANs, network segments, and routing protocols.
• Monitor network performance and availability using network management tools
• Respond to and resolve network incidents, including connectivity issues, performance degradation, and security alerts.
• Perform routine maintenance tasks such as firmware updates, configuration backups, and equipment replacement support.
• Provide technical support to internal teams and external partners regarding network connectivity and performance.
• Assist in the configuration and management of firewalls, intrusion detection and prevention systems (IDS/IPS), and other security appliances.
• Configure and monitor SIEM platforms for security anomalies and escalate incidents according to established procedures.
• Document network configurations, standard procedures, and operational guidance.
• Support vulnerability scanning and remediation efforts.
• Assist maturing the cybersecurity incident response plans.
• Prepare detailed reports of security incidents and network anomalies for appropriate authorities, including the FBI and the New York State Office of Information Technology Services.
• Work closely with the NYSDOT CISO and other cybersecurity team members to support security and compliance.
• Collaborate with other NYSDOT departments to support the integration of new intelligent transportation system devices and applications.

Minimum Qualifications

• Bachelor's degree in computer science, information technology, or a related field, or equivalent experience.
• Strong understanding of TCP/IP, routing, switching, and network security principles.
• Proficiency configuring and troubleshooting LANs, VLANs, trunks, spanning tree, IP subnetting, routing protocols, and wireless networking
• Proven experience in network administration and troubleshooting.
• Ability to perform and analyze packet traces.
• Proficiency with firewalls to configure and troubleshoot security rules, NAT, threat protection, and logging
• Experience with IDS/IPS and SIEM tools, security event triage, and escalation.
• Industry certifications such as CCNP, PCNSA, or similar are preferred.
• Familiarity with network monitoring tools.
• Familiarity with vulnerability scanning tools.
• Excellent problem-solving and communication skills.
• Display a strong grasp of key cybersecurity and IT concepts such as:
• Cloud Concepts: SaaS, IaaS, PaaS, hybrid, on premises
• Cybersecurity Principles: defense in depth, least privilege, CIA triad
• Cybersecurity Technology: NAC systems, next-generation firewalls, VPNs, micro segmentation, IAM, vulnerability management, encryption
• IT principles: High availability, clustering, failover, single point of failure, dynamic routing, classification, tagging
• Server and Compute: Client Server, virtualization, clustering, failover, backups, imaging
• A strong desire to learn and grow within the field of intelligent transportation systems.

Preferred Qualifications

• Data classification principles and enforcement
• Understanding of cybersecurity frameworks such as NIST CSF, CIS Critical Controls
• Experience supporting operational technology or critical infrastructure environments.
• Experience working with distributed networks that support transportation, public sector, industrial, or field-based operations.
• Familiarity with cybersecurity incident response and escalation procedures.
• Experience balancing network security requirements with system availability and operational continuity.
• Hands-on familiarity with modern network security monitoring, event analysis, and infrastructure documentation practices.

Core Knowledge Areas

• TCP/IP networking, subnetting, routing, and switching.
• VLAN design, segmentation, and troubleshooting.
• Network security fundamentals, including firewalls, IDS/IPS, access control, and secure configuration.
• SIEM monitoring, security event triage, and escalation.
• Network performance monitoring and availability management.
• Threat intelligence integration and operational awareness.
• Incident response support for network disruptions, malicious activity, and denial-of-service conditions.
• Documentation of network topology, procedures, and configurations.
• Collaboration with cybersecurity, operations, and engineering teams in a mission-critical environment.