Network Engineer Senior

Description Network Engineer Responsibilities Provide network architectural design, modeling, engineering, implementation, sustainment, migration, technical refresh, and lifecycle services for the DISA Datacenter and Hybrid Multi-Cloud enterprise network infrastructure. Network services and products supported shall include, but are not limited to, routers, switches, firewalls, web application firewalls, DNS, email gateways, proxy services, VPN, Local Area Network (LAN), Wide Area Network (WAN) and protocols, cryptographic devices, associated device software and firmware, diagnostic tools, and automation systems. The contractor shall also support several Intrusion and Detection Systems (IDS) and other network defense architectures in support of cyber defense operations and initiatives. Provide design solutions and implementation guides and use DoD and Industry best practices. Contractor is responsible for providing service transition to operations and shall reference an Information Technology Infrastructure Library (ITIL) Framework. Provide/support implementation solution documents for the configuration and maintenance of DISA hosted Application Delivery Controllers to include software modules such as F5 BIG-IP Local Traffic Manager (LTM), Global Traffic Manager (GTM), Access Policy Manager (APM). Design solution documentation that outlines guidance on licensing, physical architecture, logical configuration, eligibility, checklist application inventory, security policy protection phases, and basic administration to include system configuration baseline and security policy configuration baseline. Build, implement, and document network enabled applications taking into consideration various factors such as infrastructure requirements or limitations, security, and application performance needs and best practices. Responsible for all lifecycle components’ compliance with security controls, including confidentiality, integrity, and availability as well as compliance with Security Technical Implementation Guidelines (STIG) in depth. Engineer and implement network architectural changes in response to future network technology enhancements, DISA customer requirements, security requirements and enhancements, technical refresh efforts, lifecycle requirements, or changes in network capacity requirements. Prepare and solution design/technical documentation to include whitepapers, briefings, and other required documents to support all engineering and implementation efforts with established policy and processes. Adhere to DISA enterprise network standards to include: developing support documentation, leading technical working groups, conducting product evaluations, developing recommendations, and preparing and presenting briefings. Ensure that all engineering and implementation efforts adhere to DISA and DoD policies, and directives from United States Cyber Command (USCC) and Joint Force Headquarters DODIN (JFHQ-DODIN). Requirements Required Skills Must have an active SECRET or higher security clearance. 10+ years of relevant experience with design and implementation of complex Datacenter and Enterprise Network infrastructure in a multi-vendor environment. DoD 8570.01-M/8140.01 IAT Level II Certification (Security+, CySA+, etc.). Relevant secondary certification (i.e. Cisco, F5, Juniper, Palo Alto, Cloud, etc.). Prior experience in a team lead or management role. Excellent verbal and written communication skills. Preferred Skills Relevant Bachelor’s degree or higher. Strong and extensive knowledge of datacenter-based network methods, protocols and technologies to include: Routing [BGP/ OSPF/MP-BGP/ MPLS/VPN/Multicast/PBR]. Switching [RSTP, VLAN, VXLAN, LLDP, VPC, LACP, LAG]. TCP/IP, IPv4, IPv6, UDP, Layer 1 through Layer 7, IPSEC, HAIPE. Firewalls [VPN, ACLs, Whitelisting]. Load balancing [APM, ASM, LTM, GTM]. SDN/ NFV/ IAC [ACI, Service Insertion, Ansible]. Identity and Access Management with RBAC [AAA/RADIUS/TACACS/ LDAP]. Network management and analysis (Performance Manager (PM), Juniper Space, Cisco ISE, Splunk). Structured cabling and installation standards. Application of network security and design practices. Cloud management [AWS/AZURE]. Knowledge in software modules to include: [F5 BIG-IP LTM, GTM, APM, ASM]. Proficiency in use of government systems to track ops and management of systems and performance including but not limited to ITSM, GTMS, Hewlett Packard Operations Orchestration (HPOO), ServiceNow, Microsoft 365.

#J-18808-Ljbffr