Network Security Engineer (Engineer Network 3) - 13136

Full Time

    Job Description

    Requisition Number: 13136

    Required Travel: 11 - 25%

    Employment Type: Full Time/Salaried/Exempt

    Hours Per Week: 40

    Security Clearance: Secret

    Level of Experience: Senior

    Job Description

    Would you like to be part of a high-level engineering team migrating and upgrading large network enterprises for the US Navy? Would you like to dramatically increase your skills and knowledge as a professional, working with a very senior team employing advanced designs and solutions?
    The Network Security Engineer in this position will be providing network security support to dedicated enterprise Navy operational and training networks, under the engineering oversight of the Naval Surface Warfare Center (NSWC), Corona Division. The network engineer will be a member of a network engineering and operations team supporting enterprise Navy operational and training networks, distributed globally to hundreds of shore-based sites and ~120+ ships. Engineer will be focused on network security of the Navy Enterprise Tactical Training Network (NETTN) enterprises, while potentially augmenting the Live Mission Operations Networks (LMON), for the United States Air Force. This position will report to the Network Security Team lead, as well as the Network Engineering Functional Lead and Deputy Functional Lead.
    The Network Security Engineer will be responsible to support the network security architecture for the NETTN to include support of Cisco Identity Services Engine (ISE), Cisco Firepower NGFW firewalls, Cisco Secure Firewall Management Center, AAA, 802.1x, various VPN deployments, STIG implementation and verification, other security requirements as needed, as well support of Command Cyber Readiness Inspections (CCRI), as needed. The Network Security Engineer will interface and liaison with government and contractor personnel, as well as the Alion/HII Engineering Program Management Office to coordinate, report, and maintain project tasking, requirements, status reporting, and problem resolution where needed. The Network Security Engineer may provide technical recommendations to the Security Team Lead and Network team for review.

    The Network Security Engineer will be responsible for planning and execution of the installation of new capabilities, as well as operating, maintaining, and troubleshooting network connectivity and infrastructure on enterprise managed networks. The Network Engineer will support multiple network enclaves across different classification levels and may augment ensuring continuous network connectivity is maintained to customers and sites. He/she will support establishing and maintaining connectivity of IP and MPLS networks, running various network protocols and advanced network engineering techniques and architectures, in support of Navy training and operational requirements. The Network Engineer may support the drafting of Bill of Materials (BOMs) for network device hardware and software procurement, based on the approved network portfolio, as well conduct analysis of the Fielding Division site survey reports for accurate network engineering planning.

    The Network Engineer may be required to assist the Project Lead with additional network engineering tasks, development of architectural and technical briefs or documents on the design, capabilities, and functional operation of networking technologies and projects for peer-review with Network Engineering and other divisions.

    Essential Job Responsibilities

    • Strong experience in monitoring, maintaining, troubleshooting and configuring ASA and/or FirePOWER NGFW firewalls, Cisco Secure Firewall Management Center, and access control lists.
    • Strong experience with Cisco Identity Services Engine (ISE).
    • Strong understanding of AAA concepts.
    • Strong experience with client-based VPN as well as various site-to-site VPN technologies.
    • Strong ability to troubleshoot network issues at the protocol/packet level using sniffers, protocol analyzers, netflow, logging, etc.
    • Strong technical network troubleshooting and critical thinking skills with the ability to troubleshoot technical issues within multiple systems.
    • Knowledge of Cisco Internetworking including IP addressing (subnets, CIDR), switching (VLANs, 802.1q, IGMP, etc..) and routing (OSPF, EIGRP, BGP, PIM, multicast, etc.) and Cisco IOS.
    • Strong knowledge of IP networking fundamentals including OSI model, frame and packet structure, (OSI, frames, packets etc.).
    • Strong Experience with Department of Defense Security Technical Implementation Guidelines.
    • Experience in installing and troubleshooting WAN and LAN network equipment for node installs.
    • Experience with NSA Type 1 KG cryptographic devices and keymat particularly KG-175D and KG-175G a plus.
    • Experience in a Network Operations Center (NOC) or Network Operations Security Center (NOSC) environment including help desk, customer communication, trouble ticketing, and issue resolution.
    • Experience in independent Project Management.
    • Experience with network and performance monitoring tools (Cisco IP SLA, SolarWinds, HP NA, NetFlow).
    • Experience in network security, tools, and technologies including firewalls, VRFs, 802,1x, and port-security.
    • Familiarity with Cisco VoIP, including PoE switches and Call Manager or Unified Communications Manager a plus.
    • Additional duties may include escalation of issues or problems that are discovered by the NOSC/NOC to the Network Engineer.
    • The Network Engineer may be required to assist the Project Lead with additional network engineering tasks, development of architectural and technical briefs or documents on the design, capabilities, and functional operation of networking technologies and projects for peer-review with Network Engineering and other divisions.
    • Must be willing to work periodic but brief shifted schedules include evening, night, and weekend when necessary, when onsite installation requires it.
    • Must be willing to travel CONUS and OCONUS approximately 20%.

    Preferred Requirements

    • CASP+ or CISSP a plus.

    • CCNP Security Certification a plus.

    Minimum Qualifications

    5 years relevant experience with Bachelors in related field; 3 years relevant experience with Masters in related field; 0 years experience with PhD or Juris Doctorate in related field; or High School Diploma or equivalent and 9 years relevant experience.

    Work experience may be adjusted for highly specialized knowledge or uniquely applicable experience.

    • Security+ Certification required.

    • CCNA Security Certification required.

    This opportunity resides with Live, Virtual, Constructive Solutions, a business group within HII's Mission Technologies division. As a trusted partner to our military customers, we design, develop and operate systems that bring together service members from across the globe to help you train like you fight, because we understand that preparation requires full coordination-not readiness in piece parts.

    HII is a global engineering and defense technologies provider. With a 135-year history of trusted partnerships in advancing U.S. national security, HII delivers critical capabilities ranging from the most powerful and survivable naval ships ever built, to unmanned systems, ISR and AI/ML analytics. HII leads the industry in mission-driven solutions that support and enable a networked, all-domain force. Headquartered in Virginia, HII's skilled workforce is 44,000 strong. For more information, please visit:

    HII is an Equal Opportunity/Vets and Disabled Employer. U.S. Citizenship may be required for certain positions.