Network Security Information Assurance Engineer II
Company Name:
Vectrus
Network Security Information Assurance Engineer II
Work Location OR, Portland
Job Description POSITION
Summary:
Under general supervision, develops information systems assurance programs and control guidelines, assists in resolving technical problems, priorities and methods.
MAJOR JOB ACTIVITIES: Please list by order of priority and, if possible, provide the percentage of time spent on the activity all should equal 100%.
1. Provides network security policy recommendations, project planning, change control, firewall management/release updates, and routing Access Control List (ACL) management.
2. The Network Security Engineers are responsible for configuration policy enforcement, routine maintenance, Virtual Private Network (VPN) policy recommendations, routing policies for Active Directory (AD) domain controllers, IDS, Exchange, and system maintenance.
3. Periodically scan the Network to detect vulnerabilities and reinforce the security infrastructure working in conjunction with the IA teams.
4. Plan network development and expansion as needed. Engineer technical solutions and advise military counterparts of cost impact and timelines for implementing them.
5. Responsible for providing technical and operational engineering support to functional users within the ACE-IT AOR for managing, monitoring and maintaining situational awareness of the networks and systems.
6. Advise on technical and operational requirements to improve performance and quality of service for all networks and systems under the responsibility of the Data Center.
7. Analyze and troubleshoot networks, to include router and switch management and configuration.
8. Analyze and troubleshoot Microsoft Windows Operating Systems, and Microsoft mail applications.
9. Perform network vulnerability analysis and provide incident and violation response support.
10. Provide cyber security awareness and training as required.
11. Apply knowledge of IA policies to include infrastructure to identify and correct anomalies within the infrastructure.
12. Incorporate security disciplines, recommend and develop requirements, specifications, designs, and procedures to satisfy program security policy and planning guidance.
13. Exercise network security policies and procedures.
14. Perform network performance tuning of network infrastructure including routers, switches, fast Ethernet links, network address translations and firewalls.
15. Generate reports, collect and analyze data, determine ways to improve and streamline the network.
16. Perform other duties and assignments as required.
MATERIAL & EQUIPMENT DIRECTLY USED:
Cisco Routers and Switches
Cisco Firewalls
Workstations
Servers
Software applications and network analysis tools
WORKING ENVIRONMENT:
Work is 80% in office and 20% physical on equipment work. Work will include but is not limited to network documentation and diagrams, network equipment installation, switch/router configuration, LAN/WAN troubleshooting, network planning and development, monitoring, management and administration of network devices
PHYSICAL ACTIVITIES:
Individual should be able to lift up to 40 lbs. unassisted.
Required
Experience: MINIMUM
Qualifications:
Education/Certifications: One year related experience may be substituted for one year of education, if degree is required.
Education: Bachelors Degree in IT or related field.
Certifications: This position requires DoDI 8570.01-M IASAE Level I certification and corresponding Computing Environment
certification. Must have at least one of the following: RHCE, BCCPP, CCNP, CCNP Security, CCNP Voice, CCNP Service Provider, CCIE, CCIE Security, CCIE Voice, CCIE Service Provider, MCITP Server Administrator: Windows Server 2008, MCITP Enterprise Administrator: Windows Server 2008, MCITP Virtualization Administrator Windows Server 2008 R2, MCSE Desktop Infrastructure 2012, MCSE Server Infrastructure 2012, MCSE Private Cloud 2012, VCAP 4, VCAP 5.
Experience:
At least 5 years of practical experience in data network installation, engineering or administration in an Enterprise network
environment. . Understanding of basic security principles and their application to an Active Directory Environment. Must be an
expert with Cisco IOS and PIX OS. UNIX, Webpage/automation systems development and programming is a plus. Must be able
to work rotating shift schedules which provide 24 hour day/7 day week coverage.
Skills:
Excellent customer service skills are mandatory.
Extensive experience with system and security design and architecture
Knowledge of LAN/WAN, VPNs, Firewalls, Routers and switches
Experience with software development
Strong understanding of windows and UNIX operating systems and how they relate to network devices
Demonstrated ability to manage teams and projects
Strong understanding of security technologies and concepts
Experience in design and implementation of secure network solutions including DMZs and web portals
Knowledge of Information Assurance and Information Operations technologies and development activities
Understanding of DIACAP and certification and accreditation program
Must be able to work collaboratively across agencies and physical locations
Clearance Level Required at Start Date Secret
Work Status Full-TimeEstimated Salary: $20 to $28 per hour based on qualifications.
Vectrus
Network Security Information Assurance Engineer II
Work Location OR, Portland
Job Description POSITION
Summary:
Under general supervision, develops information systems assurance programs and control guidelines, assists in resolving technical problems, priorities and methods.
MAJOR JOB ACTIVITIES: Please list by order of priority and, if possible, provide the percentage of time spent on the activity all should equal 100%.
1. Provides network security policy recommendations, project planning, change control, firewall management/release updates, and routing Access Control List (ACL) management.
2. The Network Security Engineers are responsible for configuration policy enforcement, routine maintenance, Virtual Private Network (VPN) policy recommendations, routing policies for Active Directory (AD) domain controllers, IDS, Exchange, and system maintenance.
3. Periodically scan the Network to detect vulnerabilities and reinforce the security infrastructure working in conjunction with the IA teams.
4. Plan network development and expansion as needed. Engineer technical solutions and advise military counterparts of cost impact and timelines for implementing them.
5. Responsible for providing technical and operational engineering support to functional users within the ACE-IT AOR for managing, monitoring and maintaining situational awareness of the networks and systems.
6. Advise on technical and operational requirements to improve performance and quality of service for all networks and systems under the responsibility of the Data Center.
7. Analyze and troubleshoot networks, to include router and switch management and configuration.
8. Analyze and troubleshoot Microsoft Windows Operating Systems, and Microsoft mail applications.
9. Perform network vulnerability analysis and provide incident and violation response support.
10. Provide cyber security awareness and training as required.
11. Apply knowledge of IA policies to include infrastructure to identify and correct anomalies within the infrastructure.
12. Incorporate security disciplines, recommend and develop requirements, specifications, designs, and procedures to satisfy program security policy and planning guidance.
13. Exercise network security policies and procedures.
14. Perform network performance tuning of network infrastructure including routers, switches, fast Ethernet links, network address translations and firewalls.
15. Generate reports, collect and analyze data, determine ways to improve and streamline the network.
16. Perform other duties and assignments as required.
MATERIAL & EQUIPMENT DIRECTLY USED:
Cisco Routers and Switches
Cisco Firewalls
Workstations
Servers
Software applications and network analysis tools
WORKING ENVIRONMENT:
Work is 80% in office and 20% physical on equipment work. Work will include but is not limited to network documentation and diagrams, network equipment installation, switch/router configuration, LAN/WAN troubleshooting, network planning and development, monitoring, management and administration of network devices
PHYSICAL ACTIVITIES:
Individual should be able to lift up to 40 lbs. unassisted.
Required
Experience: MINIMUM
Qualifications:
Education/Certifications: One year related experience may be substituted for one year of education, if degree is required.
Education: Bachelors Degree in IT or related field.
Certifications: This position requires DoDI 8570.01-M IASAE Level I certification and corresponding Computing Environment
certification. Must have at least one of the following: RHCE, BCCPP, CCNP, CCNP Security, CCNP Voice, CCNP Service Provider, CCIE, CCIE Security, CCIE Voice, CCIE Service Provider, MCITP Server Administrator: Windows Server 2008, MCITP Enterprise Administrator: Windows Server 2008, MCITP Virtualization Administrator Windows Server 2008 R2, MCSE Desktop Infrastructure 2012, MCSE Server Infrastructure 2012, MCSE Private Cloud 2012, VCAP 4, VCAP 5.
Experience:
At least 5 years of practical experience in data network installation, engineering or administration in an Enterprise network
environment. . Understanding of basic security principles and their application to an Active Directory Environment. Must be an
expert with Cisco IOS and PIX OS. UNIX, Webpage/automation systems development and programming is a plus. Must be able
to work rotating shift schedules which provide 24 hour day/7 day week coverage.
Skills:
Excellent customer service skills are mandatory.
Extensive experience with system and security design and architecture
Knowledge of LAN/WAN, VPNs, Firewalls, Routers and switches
Experience with software development
Strong understanding of windows and UNIX operating systems and how they relate to network devices
Demonstrated ability to manage teams and projects
Strong understanding of security technologies and concepts
Experience in design and implementation of secure network solutions including DMZs and web portals
Knowledge of Information Assurance and Information Operations technologies and development activities
Understanding of DIACAP and certification and accreditation program
Must be able to work collaboratively across agencies and physical locations
Clearance Level Required at Start Date Secret
Work Status Full-TimeEstimated Salary: $20 to $28 per hour based on qualifications.
|
|