Network Engineer Principal

We are seeking a Senior Network Engineer Principal to join our enterprise infrastructure team supporting a large, complex environment spanning cloud and enterprise network services. This is a hands-on engineering role responsible for implementing, operating, and continuously improving critical network capabilities that support secure access to applications, services, and the internet.

The ideal candidate brings deep experience in enterprise networking, secure internet access, authentication, and cloud-connected SaaS infrastructure. This role focuses on maintaining and enhancing existing architecture while partnering closely with security, identity, and cloud engineering teams to ensure reliable and secure connectivity across the organization.

You will join a collaborative engineering team responsible for internet edge services, secure access platforms, and foundational network services used by thousands of users and applications across hybrid cloud environments.

This position is expected to be hybrid within the DMV region out of Herndon or Falls Church, Virginia.

MEANINGFUL WORK AND PERSONAL IMPACT

Operate and enhance secure internet access services

• Manage enterprise web traffic filtering and cloud-based secure web access platforms
• Implement and maintain URL filtering, SSL inspection, and threat protection policies
• Troubleshoot user connectivity issues related to secure web access and policy enforcement

Support secure connectivity and network access

• Configure and maintain secure network tunnels using technologies such as GRE and IPSec
• Support enterprise implementations of Zero Trust security models and access controls
• Implement policies that enable secure access to modern business applications, including AI-enabled services, while maintaining organizational security posture

Deliver secure browser and remote access capabilities

• Configure and troubleshoot cloud browser isolation solutions
• Support secure access platforms that provide controlled access to internet and SaaS applications

Support enterprise authentication and application delivery

• Maintain network services that support authentication mechanisms such as SAML and Kerberos
• Work with application delivery and load balancing technologies, including global traffic distribution, SSL offloading/bridging, URI redirection, and HTTP profile configuration

Maintain critical network infrastructure services

• Manage DNS infrastructure, including record creation, monitoring, and troubleshooting
• Implement DNS security and protection capabilities
• Support DNS integration with directory services and DHCP systems

Collaborate across engineering teams

• Work closely with security, identity, and cloud engineering teams to implement network controls that support enterprise security initiatives
• Mentor junior engineers and contribute to operational best practices and documentation
• Participate in troubleshooting, change management, and incident response activities across network infrastructure

WHAT YOU’LL NEED TO SUCCEED
Bring your cyber expertise and drive for innovation to GDIT. The Network Security Engineer Principal must have:
● Education: Bachelors degree. In lieu of degree, 14+ years of experience supporting enterprise networking environments required.
● Experience: 10+ years of experience supporting enterprise networking environments
● Technical skills:

• Strong experience operating internet edge and secure access networking platforms;  SASE tools

• Experience implementing and troubleshooting secure web access controls, including URL filtering and SSL inspection

• Hands-on experience configuring secure tunnels and encrypted network connectivity (e.g., GRE, IPSec)

• Experience working in environments implementing SASE tools  Zero Trust security principles

• Familiarity with cloud-connected networking environments, particularly in large hybrid infrastructures

• Experience supporting application delivery and load balancing technologies, (F5 and/or CloudFlare) including authentication integration and SSL handling

• Strong troubleshooting skills across network, authentication, and application access layers

• Experience managing DNS infrastructure, including security, monitoring, and integration with directory services

• Strong understanding of networking fundamentals including routing, switching, encryption, and identity-aware access controls

● Role requirements: Ability to collaborate effectively across network, security, and identity teams in a large enterprise environment

● Preferred skills not required:

• Industry certifications in networking, cloud networking, or security disciplines

• Experience supporting networking within large-scale cloud SaaS (Zscaler/CloudFlare) platforms

• Experience supporting secure access solutions within enterprise-scale organizations

• Application delivery and load balancing technologies such as F5 and CloudFlare

• DNS infrastructure experience with BlueCat and CloudFlare

● Location: This is a hybrid position that requires working onsite at our our GDIT facility in Falls Church, VA or Herndon, VA. Must be comfortable working onsite (3) days minimum.

GDIT IS YOUR PLACE
At GDIT, the mission is our purpose, and our people are at the center of everything we do.
● Growth: AI-powered career tool that identifies career steps and learning opportunities
● Support: An internal mobility team focused on helping you achieve your career goals
● Rewards: Comprehensive benefits and wellness packages, 401K with company match, and competitive pay and paid time off
● Community: Award-winning culture of innovation and a military-friendly workplace

OWN YOUR OPPORTUNITY
Explore a career in cyber at GDIT and you’ll find endless opportunities to grow alongside colleagues who share your focus on defending and protecting what matters.