Own your career as a Senior Network Security Engineer at GDIT. Here, you’ll have the opportunity to use cutting-edge technologies. Your work in Network Security at GDIT will have an impact on securing our clients’ missions and ensuring we anticipate the threats of tomorrow.
Our work depends on Network Security Engineers with advanced AlgoSec to join our team to be responsiblefor the configuration, deployment, and management of the customer’s security appliances and infrastructure in a 24x7x365 environment with regards to AlgoSec and Firewalls. The senior engineer is responsible for but not limited to monitoring, configuration changes, accounts, and software updates for the customer’s security appliances for internal and border security framework. The engineer must be able to analyze, troubleshoot, and remediate issues within the enterprise. The engineer will also work closely with other teams to ensure that all security solutions are performing to standard.
GENERAL DUTIES AND RESPONSIBILITIES
Provide all ISSOs access to run existing reports in AlgoSec
Provide training materials / 1 on 1 training to ISSOs on how to use AlgoSec
Work with OCIO, CIT service areas, and ICs to identify established and authorized use of ports 22/3389 (e.g. CyberArk, Tenable, domain controllers, etc…)
Identify those authorized sources within AlgoSec policies
Provide ISSOs Splunk reports on usage of ports 22/3389 to identify any other required sources of that traffic
ICs submit FRCs w/ISSO approval for those other sources
Add those authorized sources into AlgoSec as needed
Create explicit firewall rules to block SSH/RDP except from authorized sources (shorter effort) OR automatically remove their access as any/any firewall rules are replaced with specific rules (much longer effort)
Run AlgoSec reports to demonstrate the ‘after’ state on firewalls
Administration of LAN technologies for Cisco ASA Firewalls
Administration of firewalls, including but not limited to Cisco ASA, ACS, RSA, Cisco AnyConnect, Gigamon, Cisco VPN
Assist in troubleshooting and problem solving for a wide variety of client/user LAN/Security related issues
Work closely with other IT functional teams to ensure cohesive support and strategies across the IT organization
Support the development of a project plans and execute as authorized
Maintain relationships with key Third-Party software/hardware vendors to provide support to the infrastructure as needed.
Provide daily support for tickets: service requests, incidents, problems, and tasks
Execute tasks to support projects
Auditing and Compliance
Configuration changes and Code upgrades needed to address vulnerabilities report by internal/external audits.
Analyze and prepare data using Algosec/Splunk, present to the customer, propose changes required to remove vulnerable rules.
IOS code version bug scrapping with Cisco SME/TAC
IOS code version lab testing before implementing in production
Quarterly IOS code upgrades
Auditing of any newly deployed firewalls to verify they are compliant
24 hours availability for weekly On-Call rotation with Security Team
Firewall Hardware refreshes including rack and stack
Provide regular updates to tickets
Produce daily/weekly status reports
Develop and execute change request plans
Develop High-Level Designs (HLDs) and Low-Level Designs (LLDs)
Document physical and logical topologies for security solutions
Experience configuring and implementing network segmentation including VLANs and MPLS.
Experience with multiple end-system operating systems including Windows, Linux, Mac OS, and Apple IOS.
Experience with ServiceNow and Visio is an asset
ATTRIBUTES FOR SUCCESS
Expert experience with CLI.
Excellent written and verbal communication skills.
Ability to explain and elaborate on technical details.
Ability to self-direct, take initiative and lead teams.
Ability to multitask and prioritize work in a fast-paced IT environment
WHAT GDIT CAN OFFER YOU:
Full-flex work week
401K with company match
Internal mobility team dedicated to helping you own your career
Collaborative teams of highly motivated critical thinkers and innovators
Ability to make a real impact on the world around you
The likely salary range for this position is $96,000 - $144,000, this is not, however, a guarantee of compensation or salary; rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT does not have a vaccination mandate applicable to all employees. To protect the health and safety of its employees and to comply with customer requirements, however, GDIT may require employees in certain positions to be fully vaccinated against COVID-19. Vaccination requirements will depend on the status of the federal contractor mandate and customer site requirements.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.