Network Security Engineer - HYBRID

Q009 - Network Security Engineer (766228) Hybrid position. Local candidates. **** Due July 10th by 12pm***

*Only submit local candidates to DMV region* *Hybrid position - candidate will be required to be on-site 3x/week - 1101 4th St. SW, Suite 350, Washington DC 20024

Senior Network Security Engineer II supports the ongoing design, implementation, operation and security of the OCFO network and the supporting security infrastructure

Qualifications:

a. Experience building large scale, multi-site network architectures

b. Experience with secure remote access/WAN technologies (IPsec, VPN, etc.)

c. Knowledge of network-based and system-level attacks and mitigation methods

d. Experience with firewalls: Cisco Firepower (NGFW) or Cisco ASA Firewalls;

e. Experience with security routing protocols

Technical Skills: Security: Cisco Firepower (Next generation firewall), Cisco ASA Firewalls, Cisco ISE 2.0 and above (Identity Services Engine), Cisco NGFW (Next Generation Firewall), Cisco AMP (Advanced Malware Protection), Cisco Firepower

Duties & Responsibilities:

a. Ability to monitor and analyze data traffic patterns within the OCFO network infrastructure;

b. Identify network problems and recommend improvements to ensure optimal performance;

c. Ability to improve network quality regarding any degradation;

d. Ability to enhance security and knowledge of the latest security threats, worms and malware and advise on how to deter them;

e. Ability to ensure reliability and stability of the work through the above actions;

f. Configure routers, switches, firewalls and other appliances in compliance with OCFO security standards

g. Monitor security measures in place within network perimeter, ensuring breaches do not occur and information is safeguarded from unauthorized access;

h. Proactively oversee the activities involved in quality resolution of complex technical issues, responding with an appropriate sense or urgency to problems escalated to Network Engineer's level;

i. Coordinate with appropriate personnel to determine positive solutions that increase end user satisfaction, following through to completion, and communicating resolution results; escalate to management any situation that could adversely impact the service provided to the end user;

j. Monitor trends in documented incidents and determine appropriate actions necessary to eliminate future occurrences and improve customer service levels in an appropriate timeframe; k. Provide network design services

l. Coordinate with the Infrastructure Services Group staff to establish the scope, timing and technical approach to be used for proposed network changes;

m. Ensure adherence to network policies and procedures;

n. Manage production and disaster recovery networks and security

o. Ability to perform forensic and packet analysis;

p. Ability to configure and operate network security-focused monitoring and logging systems

Skill

Required/Desired

Amount

Actual Experience

Experience building large scale, multi-site network architectures

Required

Experience with secure remote access/WAN technologies (IPsec, VPN, etc.)

Required

Knowledge of network-based and system-level attacks and mitigation methods

Required

Experience with firewalls: Cisco Firepower (NGFW) or Cisco ASA Firewalls

Required

Experience with security routing protocols

Required