IP Network Architect (Secret) - JB-CE

IP, Network, Architect, routers, network, engineering, architecture, systems, Systems, testing, networks, system, lifecycle, Engineers, research, LAN, Cisco, VPN, project, security, test, Router, Firewall, Test, Networking, Telecommunications, CCIE, CCNP, CCNA, Security, CISSP, protocol, router, protocols, Protocol, TCP, WAN, SONET, management, Agilent, Ethernet, Access, ACL, Management, Exchange, Apache, web
Full Time
Work from home not available Travel not required

Job Description


IP Network Architect (Secret)

Fort Meade, MD

By Light seeks an IP Network Architect with an active Secret clearance to join our team in support of our projected new work with our existing DISA customer.

Work Location: Fort Meade, MD

Work Program:

DISA Operations Center, Infrastructure Directorate (IE54) is inheriting the Joint Base Customer Edge (JB-CE) Multiprotocol Label Switching (MPLS) routers that are co-located at most of the DoD military bases, working within the Joint Planning Environment.

By Light will provide the Infrastructure Directorate (IE54) with IP network engineering support for the JB-CE MPLS DISN architecture.

This work will encompass network engineering support (Tier Level III) to legacy, current, and future DoD and DISA capabilities, services, systems, and Systems-of-Systems (SoS) throughout the acquisition and engineering life-cycle.

Job Description:

The IP Architect will provide technical expertise in design review, lab testing and reporting, and implementation planning and deployment of new and advanced large-scale complex DoD networks.

Regular Work Responsibilities:
  • Develop and validate system architecture
  • Develop and support initial implementation
  • Provide lifecycle engineering of network architecture
  • Provide emerging insertion technologies (i.e. new features, capabilities, etc.)
  • Support Mission Partners to satisfy the interoperability requirements
  • Provide all required documentation in support of Configuration Control Boards (CCB)
  • Oversee the Network Engineers
  • Conduct market research to find products to meet requirements
  • Implement MPLS services offering on the DISN network called IP Transport Provider Edge (IPTPE). MPLS services include L3VPN, L2VPN, VPLS (Virtual Private LAN service) and CsC (Carrier Supporting Carrier). IPTPE platforms tested include Juniper MX960/MX480 and Cisco ASR9010/ASR9006 routers.
  • Perform testing and support implementation of the DMZ COI VPN (part of NIPRNet Hardening project), which provides separation of the NIPRNet traffic and Mission Critical Community of Interest (COI) traffic using the MPLS L3VPN servic
  • Provide technical security expertise in design, test, evaluation and deployment of advanced large-scale complex DoD networks.
  • Review security requirements set by DoD agencies for the NIPRNet protection
  • Assess and analyze current NIPRNet architecture; propose and analyze potential solutions.
  • Review security threats to the current DoD NIPRNet/Internet gateway, IA infrastructure, architecture, and technology and determine and implement effective countermeasures in accordance with IAW established policies/regulations/directives.
  • Deliver Router and Firewall Test Plans and resulting Test Reports.
  • Prepare field recommendations and Configuration Guides.

Required Experience/Qualifications

Education/ Certifications:

  • Bachelor's degree in Networking, Telecommunications, or related field
  • CCIE or JNCIE or CCNP or CCNA with equivalent routing and switching experience
  • DoD 8570-01-M IAT Level II or higher to include Security+, GSEC, SCNP, SSCP, or CISSP

Security Clearance: Active DoD Secret clearance


5 + years of experience with the following
  • Large Enterprise or DoD IP Design Experience running ISIS, BGP/MP-BGP (multi AS) and MPLS routing protocol
  • Extensive router certification testing, Cisco IOS & IOS-XR operating system regression testing which include all protocols and services required for DISN backbone routers.
    • Router platforms include Cisco ASR9K (ASR9010/ASR9006) routers
    • Routing protocols: BGP, MP-BGP, MPLS/RSVP, OSPF, IS-IS, RIP, Multicast, IPv6, QoS
    • Multiprotocol Label Switching (MPLS) - Resource Reservation Protocol (RSVP), Label Distribution Protocol (LDP), MPLS Layer-2/Layer-3 Virtual Private Network (VPN), CsC (Carrier servicing Carrier).
    • TCP/IP, LAN/WAN, SONET, ICMP and SNMP management protocols
    • Network test equipment/Traffic Generator such as IXIA, Spirent Test Center, Smartbits and Agilent N2X
    • Filter Based Forwarding (FBF)
    • Multi-Hop Bidirectional Forwarding Detection (MBFD)
    • Ethernet Operation
    • Firewalls including Access Control List (ACL)
  • Operation Administration and Maintenance (OAM) Protocol and Network Management - 1Q and VRRP/HSRP, Certificate Authority Server, ACE/SecureID Server, TACACS+, RADIUS, MS Exchange, Sendmail, Apache web server, PKI, WINS, DHCP, DNS, FTP/SFTP/TFTP, SSH, NTP, Netflow/Cflowd servers
  • Excellent interpersonal communication skills with the ability to interact with management and staff at all leve
  • Excellent verbal and written communication skills.

Preferred Experience/Qualifications

  • MS Degree in Networking, Telecommunications, or related area desired

Special Requirements/Security Clearance

Active DoD Secret clearance


Physical Demands

  • Ability to type, communicate via telephone and sit for extended periods of time.
Dice Id : RTX15e409
Position Id : 2019-4766
Originally Posted : 4 weeks ago
Have a Job? Post it