Firewall Engineer for National Library of Medicine

Clearance Level
Cyber Engineering
Bethesda, Maryland

REQ#: RQ82599

Travel Required: None
Public Trust: NACI (T1)
Requisition Type: Regular

We are seeking a Sr. Firewall Engineer to support the National Library of Medicine (NLM) in Bethesda, MD.

Duties and Responsibilities:

  • Assisting in day-to-day operational security duties on a network security team handling Cisco, Juniper, Fortinet, and Palo Alto Networks firewalls.
  • Evaluating, recommending, and justifying appropriate commercial off-the-shelf products that support the security program requirements at NLM.
  • Serving as a subject matter expert in systems and network security.
  • Interpreting security scan results, identifying critical vulnerabilities, reducing false positives, and performing or recommending corrective actions to remediate vulnerable systems and applications.
  • Installing, implementing, and maintaining network firewalls that prevent unauthorized access to NLM’s internal networks.
  • Reviewing network firewall rule exception requests to ensure the request meets NIH and NLM policy and perimeter protection standards.
  • Validating security scans for the requested public facing applications to ensure there are no open vulnerabilities requiring mitigation.
  • Implementing or adjusting pertinent network firewall rules.
  • Developing and deploying AWS Cloud Formation scripts to implement and optimize security controls and mechanisms of a cloud infrastructure, including initial and ongoing configuration of related automation and administration.
  • Monitoring AWS Cloud infrastructure and pro-actively mitigating potential incidents before service degradation occurs.
  • Providing guidance to application teams developing on public cloud platforms. You will advise application teams on how to adhere to security standards for cloud, work to identify common patterns and provide templates for application teams.
  • Conducting security controls assessment for new and existing systems, networks, and Web applications.
  • Creating and maintaining as-built system documentation, architecture diagrams, and online collaborative documentation, such as Wiki. Determines security modes of operation and recommends new or revised security measures and countermeasures for current security challenges.
  • Implementing and maintaining Web security gateways that protect the workstations used by NLM employees.
  • Continuously assessing the effectiveness of security controls on installed systems based on analysis of reported security violations/breaches and implements modifications to enhance effectiveness.

Required Qualifications:

  • BS or equivalent and 10 years experience
  • Minimum of five years system administration experience
  • Minimum of five years system security administration
  • CISSP (if not in hand, must be able to obtain within six months from start date)
  • Experience working with Cisco, Juniper, Fortinet, and Palo Alto Networks networking and security solutions, including routers, switches, and firewalls
  • Experience using common networking tools to aid in troubleshooting, including nmap, Wireshark, tcpdump
  • AWS Cloud security architecture design and implementation experience
  • Basic understanding of proxy and URL filtering services for end users
  • Basic understanding of SIEM operation
  • Expertise in common networking concepts and protocols, including TCP/UDP ports and protocols, OSI Model, Layer 2 switching concepts (spanning tree, VLAN trunking, etc.) and Layer 3 routing concepts (routing protocols, route summarization, redistribution, etc.)
     Strong written and verbal communications skills.
  • Must be able to obtain Tier 3 Non-Critical Sensitive clearance

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.