Network Security Engineer

Role: Network Security Engineer

Location : Hybrid (at least 3 days per week on-site) Annapolis, MD 21401

Duration: Long Term Contract

Project Overview: The Maryland Judiciary s Administrative Office of the Courts (AOC) requires a Network Security Engineer who will actively participate in planning and coordinating the design, installation, and connectivity of computer and network systems to ensure stable, scalable, redundant, and secure 24x7 network operations.

Duties/Responsibilities

• Proactively identify organizational requirements and design tailored network security solutions.
• Engineer, install, and troubleshoot data security networks on a project basis.
• Assess, design, and implement secure networking environments.
• Develop and manage graphical and text-based design documentation through implementation.
• Support capacity planning, monitoring, and review of secure data communications networks.
• Lead or assist migrations from legacy to next-generation network security platforms.
• Troubleshoot critical network security issues and coordinate threat remediation.
• Implement configuration standards, change-management processes, and SOPs for secure networks.
• Coordinate team activities to resolve end-user security problems promptly.
• Generate weekly status reports on project progress, key milestones, and completed tasks.
• Host weekly status meetings and conference calls to align stakeholders.

Education and Certification

• Bachelor's degree in information technology (IT) or related field.

Required Certificates:

• Palo Alto Networks Certified Network Security Engineer (PCNSE) Certification.
• Cisco Certified Network Professional (CCNP) Enterprise or (CCNP) Security Certification
• Prisma Certified Cloud Security Engineer (PCCSE) Certification from Palo Alto Networks
• Cisco Certified Internetwork Expert (CCIE) in Enterprise Infrastructure or Security Certification

Required Experience

• 10+ years of CONUS technical experience in IT networking and network security.
• 5+ years of experience with:

o Palo Alto Networks next generation firewall service.

o Intrusion Detection and Prevention with Palo Alto networks.

o Content Filtering Palo Alto networks.

o Virtual Private Networks use Palo Alto network systems.

o Data Loss Prevention TLS/SSL Inspection

• 4+ years of experience in Complex switching, routing, wireless with Cisco Systems.
• 3+ years of experience in Reverse Proxies, Load Balancing with A10 networks.
• 2+ years of experience in Network Access Control - Cisco Identity Services Engine (ISE), Free Radius, and Access Control Lists (ACLs).

o Implementing multifactor authentication solutions with Microsoft.

o Cloud based virtual networking and security services Authentication standards - (802.1x) in wired and wireless applications.

o Scalable routing protocols Enhance Interior Gateway Routing Protocol (EIGRP), Open Shortest Path Fist (OSPF), and Border Gateway Protocol (BGP).

o Enterprise Data Center implementing Micro segmentation.

o Certificate Management, Public Key Infrastructure (PKI).

o Vulnerability management using Nessus, NMAP, Windows, Unix, and Linux OS

o Packet/Protocol Analysis using Opnet, Riverbed, Wireshark, and taps.

o Centralized Management using Panorama, SolarWinds

o Major server and desktop operating systems and utilities

Ability to:

• To work independently, troubleshoot and provide mentoring to junior associates.
• Communicate effectively when providing presentations.
• Produce technical documents (diagrams, design documents, project plans and schedules, and user instructions) as required.

On-site support:

• On-site support may be required. The proposed resources must be able to report on-site within 4 hours after notification.

• If required to report, the Offeror Resource shall report to Maryland Judiciary Information Systems, 189 Harry S Truman Parkway, Annapolis, MD 21401.
• The AOC does not have a limit on the number of times the proposed resources may be required to be onsite