Network Engineer, Senior
About the role
A well-designed network is critical to move data and enable the Department of Defense (DoD) to achieve their missions. Crafting the right network, with the right equipment and software, requires a combination of technical skill and careful planning. That’s why we need a seasoned Network Engineer like you who knows how to develop the exact network the DoD needs.
Responsibilities
- Use your experience in network design and architecture, system interoperability, OSI model, network transport layers, multi-protocol label switching, gateway protocol, and virtual routing and forwarding to support the nation’s defense and respond to evolving adversaries.
- Develop enterprise-wide infrastructure design, troubleshoot and resolve complex network issues, analyze current working infrastructures, and increase security, reliability, and availability for critical network systems.
- Guide our team of problem-solvers to help the DoD evolve and deploy new capabilities and technologies.
- Optimize client operations and modernization using your expertise in software and hardware firewalls, Cisco hardware, Palo Alto firewalls, Juniper hardware, and optical infrastructure networking.
- Serve as a trusted advisor to clients on critical projects.
- Make an impact on national security missions using your technical curiosity and knowledge of industry standards.
Requirements
- 5+ years of experience designing, deploying, and supporting network and security architectures within DoD hybrid environments, including implementing Zero Trust principles and advanced routing designs such as BGP AS_PATH loop prevention and max-prefix route-limit protection.
- 2+ years of experience implementing and configuring network segmentation or micro segmentation solutions, including Software-Defined Networking (SDN) technologies, container networking, and virtualization platforms.
- 2+ years of experience documenting complex network and security architectures, procedures, and troubleshooting workflows, including Zero Trust Network Access (ZTNA) implementations and detailed documentation of BGP policy behavior, NGFW IDS/IPS configurations, or NAT and SNAT translation flows.
- Experience designing and architecting enterprise network and cybersecurity solutions within DoD hybrid environments, including applying NGFW capabilities, understanding IDS detect and alert vs. IPS block and drop operation, or building resilient routing architectures using BGP operational safeguards.
- Supporting defense programs, standards, or mission requirements directly or indirectly, including Zero Trust initiatives that rely on correct traffic segmentation, NAT and SNAT translation for external communication, and IPS-based enforcement.
- Working with secret classified networks, including the unique security challenges and requirements of these environments within a ZTNA model, such as proper routing controls, segmentation boundaries, or inline IDS or IPS visibility.
- Knowledge of DoD security standards and compliance requirements in a Zero Trust Network Access.
- Secret clearance.
Qualifications
- High school diploma or GED.
- Nice if you have:
- Experience supporting and operating DoD networks.
- Deploying, upgrading, and troubleshooting multivendor network and security platforms, such as Palo Alto, Cisco, Juniper, Dell, HPE, and VMware.
- Administering Linux and Unix systems in enterprise or tactical environments.
- Applying Security Technical Implementation Guides (STIGs) and performing system security hardening.
- Administering Windows systems and services.
- With commercial and DoD cloud networks.
- Bachelor’s degree in Computer Science or Engineering.
- Certifications: CCNA, CCNP, VMware, JNCIA, or JNCP.
Skills
- Enterprise-level network protocols, equipment, emerging technology, and configurations.
- Software and hardware firewalls, Cisco hardware, Palo Alto firewalls, Juniper hardware, and optical infrastructure networking.
- Zero Trust Network Access (ZTNA).
- NGFW capabilities, IDS/IPS configurations, NAT and SNAT translation flows.
- Routing and switching, network design and architecture, system interoperability, IP engineering, network transport layers, multi-protocol label switching, gateway protocol, and virtual routing and forwarding.
- Resilient routing architectures using BGP operational safeguards.
- Correct traffic segmentation, NAT and SNAT translation for external communication, and IPS-based enforcement.
- Proper routing controls, segmentation boundaries, or inline IDS or IPS visibility.
Benefits
The benefits offered by Booz Allen Hamilton include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, work-life programs, and dependent care. Our recognition awards program acknowledges employees for exceptional performance and superior demonstration of our values. Full-time and part-time employees working at least 20 hours a week on a regular basis are eligible to participate in Booz Allen's benefit programs. Individuals that do not meet the threshold are only eligible for select offerings, not inclusive of health benefits. We encourage you to learn more about our total benefits by visiting the Resource page on our Careers site and reviewing Our Employee Benefits page.
Pay
The projected compensation range for this position is $77,600.00 to $176,000.00 (annualized USD).
Schedule
Our work model prioritizes collaboration, whether it occurs in person or virtually. Employees working virtually are generally expected to have their cameras on during meetings. The work model for this position is Hybrid.