Braxton-Grant Technologies, Inc. (BGCyberTech)
Senior Network Engineer -NS
Braxton-Grant Technologies, Inc. (BGCyberTech), Columbia, Maryland, United States, 21046
Bachelor's degree in engineering from an accredited college or university is required.
Four (4) years of additional network engineering experience may be substituted for a bachelor's degree.TS/SCI w/Poly Clearance is Required.
Braxton-Grant Technologies is looking for a Senior Network Security Engineer to provide assistance in all aspects of network management from network design through implementation, maintenance, and upgrading of existing networks. The qualified person in this position analyzes designs, specifications, and related documents; implements communication system requirements to support the distributed functionality of a software engineering environment; analyzes network characteristics (e.g. traffic connect time, transmission speeds, packet sizes and throughput); troubleshoots problems and recommends procurement of and/or modifications to network components. Also, he or she will ensure the overall health and strong security posture of complex network architectures. Individual will be actively involved with all phases of network security design, implementation, proactive monitoring, troubleshooting and analysis of firewalls, IDSs, VPNs, security controls and policies. The Engineer will ensure compliance is maintained with DOD Information Assurance requirements as well as ensuring service performance indicators are met or exceeded. Possible duties include but are not limited to:Design solutions, integrate, configure, deploy, test and provide support for numerous types of network devices, interfaces and methodologiesOptimize end-to-end system performance and dataflow managementConfigure and optimize the network to connect various front-end and back-end componentsCoordinate with the system engineering and dataflow efforts to ensure proper mission operations with minimal down timeFacilitate the implementation of high-speed, scalable, fault-tolerant network topologies as applicable to WAN and LAN designImplement specific network solutions to support server requirements to include load-balancing, VPN's, firewall contexts, and network address translation (NAT) where appropriateMinimize network latency and maximize data throughput through design analysis and network performance monitoring toolsManage assigned tasks and provide guidance to junior Network EngineersValidate new and existing dataflow and data formatsCoordinate with appropriate dataflow organizations and end-customer recipients, follow-on data repositories and tasking organizations and understand potential adverse impacts on system-wide dataflowDesign, integrate, test and deploy RF communications solutionsLead large efforts of dynamic requirements and scaleWork with System engineers and cross organizational teams to define requirementsSupport efficient repeatable inspection process of network boundary traffic to inspect for evidence of successful and failed compromises, Advance Persistent Threats, and misuse of standard, permitted servicesSupport efficient repeatable inspection process to support review of all boundary services including but not limited to firewalls, proxies, and VPNs, to ensure the security posture of the services are consistently applied, done so in accordance with mission and industry best practicesSupport regular technical assessments of network boundaries to ensure boundaries remain secure; assessments will include use of security tools in coordination with security elements of the agencySupport monthly reviews of all authorization services to ensure that only authorized users have continued access and that their access is minimized to the greatest extent possible to accomplish their job functionsSupport Security Investigations as requested by Agency Security organizations to include traffic inspection, dissection and reassembly of trafficConsult and engineer next generation solutions to meet changing security needs which are compliant with Agency policies and incorporate industry best practices when possibleDesign, Configure, Deploy and Monitor integration of network security solutions with Agency authorized authentication services including PKI, TACACS, RADIUS, Active Directory and required authorization servicesDesign, Configure, Deploy and Monitor local and global load balancing functions which support network performance while maintaining security solutionsRequired Experience:
Twelve (12) years directly related experience.Five (5) years of experience with What's Up Gold and Netflow.Five (5) years of demonstrated experience in Computer Network Operations - Protection Level (PL) 3 high/high solutions utilizing Layer 2 to Layer 7Security+ CertificationExperience operating, managing, monitoring, and deploying network security devices and systems, using advanced knowledge of security networking devices such as: application, proxy, and packet based firewalls (i.e. McAfee Enterprise firewall appliances, Control Center Management appliances, IPSEC, SSL and SSH applications, Cisco Secure Access Control Servers (ACS), Cisco Security Manager (CSM), Cisco VPN and firewall devices, Web Proxy, Load balancer, and related software and hardware used in LAN/WAN networks).Ability to work independently with little direction and guidance.Excellent writing and communication skills, including the ability to develop analytical documents and conduct oral presentations.Understanding and experience with the DoD Architecture Framework and other key DoD network architecture and strategic planning instructions.Experience with Intelligence Community Directive (ICD) 503 instructions; system accreditation and security system documentation.Knowledge of IP services (IPv4, VPN, IPv6, Multicast, QOS, SNMP, VOIP, VTC, etc.).Experience in providing reports and products to senior management and customers.Experience with plans, designs, and evaluations of network security systems and architectures.
Desired:
CCNP Security and/or CCNA Security certificationITIL certificationDMVPN experienceSymantec/Blue Coat product certification and experience
Four (4) years of additional network engineering experience may be substituted for a bachelor's degree.TS/SCI w/Poly Clearance is Required.
Braxton-Grant Technologies is looking for a Senior Network Security Engineer to provide assistance in all aspects of network management from network design through implementation, maintenance, and upgrading of existing networks. The qualified person in this position analyzes designs, specifications, and related documents; implements communication system requirements to support the distributed functionality of a software engineering environment; analyzes network characteristics (e.g. traffic connect time, transmission speeds, packet sizes and throughput); troubleshoots problems and recommends procurement of and/or modifications to network components. Also, he or she will ensure the overall health and strong security posture of complex network architectures. Individual will be actively involved with all phases of network security design, implementation, proactive monitoring, troubleshooting and analysis of firewalls, IDSs, VPNs, security controls and policies. The Engineer will ensure compliance is maintained with DOD Information Assurance requirements as well as ensuring service performance indicators are met or exceeded. Possible duties include but are not limited to:Design solutions, integrate, configure, deploy, test and provide support for numerous types of network devices, interfaces and methodologiesOptimize end-to-end system performance and dataflow managementConfigure and optimize the network to connect various front-end and back-end componentsCoordinate with the system engineering and dataflow efforts to ensure proper mission operations with minimal down timeFacilitate the implementation of high-speed, scalable, fault-tolerant network topologies as applicable to WAN and LAN designImplement specific network solutions to support server requirements to include load-balancing, VPN's, firewall contexts, and network address translation (NAT) where appropriateMinimize network latency and maximize data throughput through design analysis and network performance monitoring toolsManage assigned tasks and provide guidance to junior Network EngineersValidate new and existing dataflow and data formatsCoordinate with appropriate dataflow organizations and end-customer recipients, follow-on data repositories and tasking organizations and understand potential adverse impacts on system-wide dataflowDesign, integrate, test and deploy RF communications solutionsLead large efforts of dynamic requirements and scaleWork with System engineers and cross organizational teams to define requirementsSupport efficient repeatable inspection process of network boundary traffic to inspect for evidence of successful and failed compromises, Advance Persistent Threats, and misuse of standard, permitted servicesSupport efficient repeatable inspection process to support review of all boundary services including but not limited to firewalls, proxies, and VPNs, to ensure the security posture of the services are consistently applied, done so in accordance with mission and industry best practicesSupport regular technical assessments of network boundaries to ensure boundaries remain secure; assessments will include use of security tools in coordination with security elements of the agencySupport monthly reviews of all authorization services to ensure that only authorized users have continued access and that their access is minimized to the greatest extent possible to accomplish their job functionsSupport Security Investigations as requested by Agency Security organizations to include traffic inspection, dissection and reassembly of trafficConsult and engineer next generation solutions to meet changing security needs which are compliant with Agency policies and incorporate industry best practices when possibleDesign, Configure, Deploy and Monitor integration of network security solutions with Agency authorized authentication services including PKI, TACACS, RADIUS, Active Directory and required authorization servicesDesign, Configure, Deploy and Monitor local and global load balancing functions which support network performance while maintaining security solutionsRequired Experience:
Twelve (12) years directly related experience.Five (5) years of experience with What's Up Gold and Netflow.Five (5) years of demonstrated experience in Computer Network Operations - Protection Level (PL) 3 high/high solutions utilizing Layer 2 to Layer 7Security+ CertificationExperience operating, managing, monitoring, and deploying network security devices and systems, using advanced knowledge of security networking devices such as: application, proxy, and packet based firewalls (i.e. McAfee Enterprise firewall appliances, Control Center Management appliances, IPSEC, SSL and SSH applications, Cisco Secure Access Control Servers (ACS), Cisco Security Manager (CSM), Cisco VPN and firewall devices, Web Proxy, Load balancer, and related software and hardware used in LAN/WAN networks).Ability to work independently with little direction and guidance.Excellent writing and communication skills, including the ability to develop analytical documents and conduct oral presentations.Understanding and experience with the DoD Architecture Framework and other key DoD network architecture and strategic planning instructions.Experience with Intelligence Community Directive (ICD) 503 instructions; system accreditation and security system documentation.Knowledge of IP services (IPv4, VPN, IPv6, Multicast, QOS, SNMP, VOIP, VTC, etc.).Experience in providing reports and products to senior management and customers.Experience with plans, designs, and evaluations of network security systems and architectures.
Desired:
CCNP Security and/or CCNA Security certificationITIL certificationDMVPN experienceSymantec/Blue Coat product certification and experience