Senior Firewall/VPN Design Engineer ( R-00065508 )
Leidos is pleased to announce that it has been awarded the Service Management, Integration and Transport program. (SMIT) This is an eight-year, $7.7 billion contract that is responsible for maintaining and modernizing the main global network of the Navy and Marine Corps.
As we continue to grow the program, we are looking to hire a Senior Firewall/VPN Design Engineer in Quantico, VA to support the mission.
The Leidos team will deliver the core backbone of the Navy-Marine Corps Intranet, including cybersecurity services, network operations, service desk, and data transport. Ultimately, Leidos will support the Navy in unifying its shore-based networks and data management to improve capability and service while also saving significant dollars by focusing efforts under one enterprise network.
The selected candidate will assist the Government Lead in the daily engineering duties on systems. Additional job duties and responsibilities include:
- Design, integrate, and test complex large-scale computer networks.
- Design and evaluate communication hardware and software.
- Troubleshoot Local Area Network (LAN)/Base Area Network (BAN)/Wide Area Network (WAN) and other network related problems.
- Provide Navy/Marine Corps, Defense Information Systems Agency (DISA) and Joint interoperability of network design, integration, and implementation.
- Perform network routing utilizing Border Gateway Protocol (BGP), Enhanced Interior Gateway Routing Protocol (EIGRP), Open Shortest Path First (OSPF) routing, and Virtual routing and forwarding (VRF).
- Perform network security utilizing VRF, Multiprotocol Label Switching (MPLS), access control list (ACL), IPSec and Layer 2 Virtual Private Network (L2 VPNs).
- Monitors Rights Management Services for administrators, users and groups.
- Design the capabilities and features that allow end users to access internal and external web content via Hypertext Transfer Protocol (HTTP) and Hypertext Transfer Protocol Secure (HTTPS) protocols.
- Design the capabilities for caching and proxy to enhance information access and performance.
- Actively protects the content that may be accessed through the proxy (i.e. filter by category, allow policy application scheduling, and filter category updates from a Government approved industry provider).
- Develop, update, track, and perform IP scheme and address management.
- Assist with the development and integration of identity and access management requirements.
- Perform integration with public key infrastructure (PKI) certificates and network accounts to support two-factor authentication for all Active Directory (AD) domain account categories and eliminate the need for password-based authentication.
- Perform Capacity and Demand Management activities in accordance with the USMC Circuit Management processes.
- Schedule conversions and cutovers and supports traffic analysis and traffic shaping design plans.
- Provide design and integration of multivendor solutions utilizing Cisco, Juniper, Brocade and other vendor technologies such as Juniper Security Appliances (SSL-VPN and VPN), McAfee Firewalls, and FortiGate Firewalls.
- Design Uniform Resource Locator (URL) filtering, anti-malware, HTTP and HTTPS inspections.
- Perform tasks associated with application networking ports and protocols, Information Assurance (IA), routing and LAN
- Bachelors Degree in IT or related field of study and a minimum of 10 years of experience
- IAT III Certification
- Information Technology Infrastructure Library (ITIL) v3
- Must also possess professional-level certifications in one or more technology related vendor solutions such as Cisco Certified Network Professional (CCNP) Security, Fortinet Certified Network Security Professional (FCNSP), Juniper Networks Certified Specialist Security (JNCIP-SEC), Certified Modeling & Simulation Professional (CMSP), or equivalent certification, or demonstrate sufficient experience in lieu of certification.