Senior Network Security Engineer
Looking for an opportunity to make an impact? Join the Leidos Civil IT (CivIT) team in accelerating cybersecurity in a changing world where we make a difference by protecting critical networks for our government and commercial customers.
At Leidos, we deliver innovative solutions through the efforts of our diverse and talented people who are dedicated to our customers’ success. We empower our teams, contribute to our communities, and operate sustainable. Everything we do is built on a commitment to do the right thing for our customers, our people, and our community. Our Mission, Vision, and Values guide the way we do business.
Are you ready to challenge yourself with an organization that encourage & support career growth on an enterprise-wide scale? Your greatest work is ahead!
We are in search of a Network Security Engineer, Senior to join our National Oceanic and Atmospheric Administration (NOAA) Cyber Security Center (NCSC) Security Engineering & Operations (SEO) team. As a Senior Network Security Engineer, you will play a valuable part in supporting the NCSC’s mission to protect NOAA networks, computers, programs and data from cyber-attack damage and unauthorized access. You will perform a variety of assignments associated with managing and controlling computer information systems in a high paced environment.
In this role, you will provide a support engineering role to the enterprise network security solutions such as firewalls, switches, IPS, tap aggregation, packet capture, content filtering and security automation tools.
You will primarily work on senior level projects and assist in developing and implementing large changes to support the Network Security Engineering team and the larger corporate initiatives.
As a Senior Engineer on the Network Security Engineering team, you will interact regularly with the Infrastructure, Applications, SIEM/SOAR, ISSO, Vulnerability Assessment teams, and on-site technical resources to ensure both the security and on-going stability of NOAA network.
You will be part of a fantastic team working on multiple information systems in a high demand setting ensuring the uninterrupted and secure day to day operation of the cyber security program.
We're looking for a candidate who can support this role from Fairmont, WV/Silver Springs, MD/ or Boulder, CO.
If this sounds like the kind of environment where you can thrive while being challenged, keep reading!
Leidos Civil Group helps modernize infrastructure, systems, and security. We are a trusted partner to both government and highly regulated commercial customers looking for transformative solutions in mission IT, security, software, engineering, and operations. We work with our customers including the FAA, DOE, NASA, National Science Foundation, Transportation Security Administration, Custom and Border Protection, airports, and electric utilities to make the world safer, healthier, and more efficient. To explore and learn more about the Leidos Civil Group, click here!
Are you ready to make an impact? Begin your journey of a flourishing and meaningful career, share your resume with us today!
- Provide technical services for the NOAA FISMA High system computers and networks used by the NCSC and ESOC to execute against their functions. This includes, but is not limited to, software/hardware patching and NIST 800-53rd high-impact security control configurations.
- Support the NOAA cyber security mission by building, configuring, troubleshooting, and updating the network security capabilities that protect NOAA core networks and information.
- Plan and perform maintenance and upgrade of Juniper network routers, Gigamon Network Terminal Access Point (TAP), Fortinet firewalls, Stealthwatch, remote access systems, and network management systems
- Monitor network connectivity and ensure high quality data transmission using standard network tools (ex: Netbrain, Ansible, or Nagios)
- Serve as a liaison with 3rd party vendors and providers and be able to coordinate troubleshooting and provide real time updates via standard collaboration tools for Google Meeting or Skype for Business
- Create the established network security processes to defend and operate the national NOAA network.
- Provide technical expertise to large or complex projects
- Provide direct end user support to a diverse user base ranging from average desktop users to other IT and Information Security Professionals
- Establish and maintain standard operating procedures for operations team members
- Must have network and firewall engineering experience with designing, implementation, and maintaining Layer 2 and 3 networking devices and/or firewall devices such as Juniper, Dell, Cisco, Fortinet, or Palo Alto
- Participate in an on-call rotation to provide emergency support for the corporate network security environment.
- Provide feedback to team leadership to improve existing solutions so they better meet the business’ needs.
- Provide technical leadership to mid and junior engineers
- Help customers from around the enterprise troubleshoot and resolve their network security related issues.
- Provide technical support for system upgrades, technical refreshes, or new builds per requirements set by the leadership team as well as functional leads
- Be a technical resource for individual projects when his or her knowledge and experience meet the requirements of the project group or task
- Provide critical incident response & problem management including root cause of system problems, such as configuration issues resulting in operational performance degradation or system outages, supporting the government with information and advice on the necessary correction actions and/or interim workarounds relative to network security
- Provide documentation support for designs, implementations, configurations, knowledge base articles relative to network security
- Provide support relative end-user issues regarding all services provided by SEO
- Support the project lifecycle for network security projects as well as projects with dependencies on network security
- Configure and validate secure systems
- Recommend and Develop system solutions ensuring proprietary/confidential data and systems are protected (i.e., system security upgrades, technical refreshes etc,.)
- Adhere to Change Management process
- Must be able to multitask a variety of projects and tasks
- Objects, users, groups & organizational units; ensure AD is available for various authentication services used by users and/or equipment
- Develop and maintain technical documentation and diagrams related to the field communications systems equipment & networks
- Ensure documentation relative operational procedures, services, etc., are written and centrally accessible and updated as necessary
- Have strong communication skills and be a team player
- Bachelor's Degree and 4 to 8+ years of relevant experience, including 4+ years in an enterprise network or security environment. Additional years of relevant experience, training, and/or professional certifications will be considered in lieu of Bachelor's degree.
- 4+ years of design, development, integration, implementation, operations and analysis of cyber security technologies
- Strong knowledge of the OSI 7-layer model
- Strong knowledge of TCP/IP and common application layer protocols
- Fundamental knowledge of IP-based networking, including switching and routing
- Knowledge of Carrier Services
- Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth)
- Knowledge of service management concepts for networks and related standards (e.g., Information Technology Infrastructure Library, current version [ITIL]).
- Knowledge of integrating the organization’s goals and objectives into the architecture.
- Knowledge of the enterprise information technology (IT) architectural concepts and patterns (e.g., baseline, validated design, and target architectures.)
- Knowledge of security system design tools, methods, and techniques.
- Knowledge of demilitarized zones.
- Knowledge of network security (e.g., encryption, firewalls, authentication, honey pots, perimeter protection)
- Knowledge of network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools.
- Skill in applying and incorporating information technologies into proposed solutions
- Knowledge of cybersecurity and privacy principles
- Experience designing, implementing, and configuring network infrastructure
- Experience providing O&M and engineering support to complex, mission-critical systems
- Experience working closely with customers and users to troubleshoot and resolve complex network related issues
- Ability to work and brief customers to include senior management
- Knowledge of management of classified systems and the required security guidelines associated with secure facilities
- Experience with Information Assurance (IA) hardening and compliance, i.e. STIG & DSS compliance, documentation, etc.
- Must be able to work collaboratively with other system administrators, system engineers, and network engineers in a team environment
- Knowledge of network design processes, to include understanding of security objectives, operational objectives, and trade-offs
- Knowledge of IT system operation, maintenance, and security needed to keep equipment functioning properly
- Ability and drive to quickly learn new software and IT concepts
Preferred Experience, Skills, and Education:
- Developing the application firewall concepts and functions (e.g., Single point of authentication/audit/policy enforcement, message scanning for malicious content, data anonymization for PCI and PII compliance, data loss protection scanning, accelerated cryptographic operations, SSL security, REST/JSON processing).
- Network/Cyber Security Training or Certification (ie Securty+, Network+, SPLUNK, FireEye, CCNA, CCIE, etc.)
- Knowledge of NIST SP 800 53 series or ISO 27000 series documents
- Understanding of advanced threat detection in an enterprise environment
- Understanding of malware families, their types, and the threat they pose
- Experience designing, developing, integrating, implementing, operating, and analysis of cybersecurity technologies
- Skill in troubleshooting and diagnosing cyber defense infrastructure anomalies and work through resolution
- Skill in independently making configuration updates to ensure system availability requirements
- Strong problem-solving and analytical skills and demonstrates poise and ability to act calmly and competently in high-pressure and high-stress situations
- Understanding of accepted security practices, troubleshooting issues, attack vectors and customer support
Clearance / Citizenship:
- Must be able to obtain and maintain security clearance, specifically DoD/Secret Clearance or TS/SCI (Interim Secret acceptable).
- US Citizenship is required
- Fairmont, WV
- Silver Springs, MD
- Boulder, CO
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.