Senior Network Engineer
About the role
This position description does not represent a current opening but may be used to identify candidates with skills and experience to fill a position within Technica Corporation once the contract is awarded. The position is for a Contractor role to support an approximate 3-4 month project. Candidates who express an interest may be considered for future positions at Technica Corporation. If a position becomes available that aligns with your qualifications, our recruitment team will contact you.
Responsibilities
- Lead the engineering, design refinement, implementation, qualification testing, and technical deployment of a modernized wired network infrastructure.
- Design and implement secure network connectivity across corporate, CUI, customer-site, Azure-hosted, GCC High-aligned, and future manufacturing locations.
- Support VPN architecture, configuration, testing, and sustainment for user remote access, site-to-site connectivity, customer-site access, and future manufacturing site deployments.
- Implement network segmentation controls that separate commercial, CUI, restricted manufacturing, vault, administrative, VDI, ERP, partner/customer, and security monitoring environments.
- Support Zero Trust network architecture and policy design by enforcing least-privilege access, deny-by-default traffic patterns, controlled administrative pathways, and documented business-approved data flows.
- Configure and support Palo Alto virtual firewalls in commercial Azure and GCC High-aligned environments, including firewall policies, security profiles, NAT, routing, VPN, management access, logging profiles, and rule documentation.
- Develop and maintain firewall rule sets that are traceable to business requirements, system owners, approved traffic flows, risk decisions, and change control records.
- Support secure remote access patterns for employees, administrators, engineering users, CUI users, and approved customer-site personnel.
- Cooky with identity, endpoint, and Microsoft cloud teams to ensure network access policies align with MFA, Conditional Access, device compliance, role-based access, VDI, and user authorization requirements.
- Support user isolation through dedicated network zones, restricted access paths, secure administrative access, and approved data exchange patterns.
- Coordinate with Microsoft Sentinel/SOC/SIEM teams to forward firewall, VPN, network device, remote access, administrative, and threat telemetry into centralized logging and monitoring workflows.
- Develop network logging and telemetry handoff documentation, including log source inventory, event types, forwarding methods, validation steps, and monitoring use cases.
- Support incident response and operational troubleshooting for VPN failures, firewall policy issues, site connectivity problems, suspicious network events, remote access anomalies, and segmentation violations.
- Participate in vulnerability remediation coordination for network devices, firewalls, VPN components, firmware, virtual appliances, and Azure network security components.
- Develop and maintain network architecture diagrams, firewall policy documentation, VPN design documents, segmentation matrices, traffic flow diagrams, as-built configurations, test results, and administrator runbooks.
- Work closely with the Program Management Office, security architect, cloud engineers, endpoint engineers, SOC/SIEM team, manufacturing stakeholders, compliance team, and system owners to meet schedule, security, and documentation objectives.
Requirements
- Bachelor’s degree in a technical-related field, or an equivalent combination of education and/or experience in a related field.
- Minimum of 12 years’ related experience.
- Experience designing secure network architectures for Microsoft GCC High, regulated Microsoft cloud environments, or FedRAMP-aligned cloud services.
- Experience with Palo Alto virtual firewalls in Azure or hybrid-cloud environments.
- Experience supporting VDI, secure remote administration, privileged access pathways, and restricted data access environments.
- Experience with network automation, infrastructure-as-code, configuration backup, or repeatable site deployment templates.
- Familiarization with DoD implementations, including cybersecurity standards, risk management framework, Security Technical Implementation Guides (STIGs), DoD PKI and certificate frameworks, and ATO.
- Must be a U.S. Citizen and able to obtain a clearance.
- Experience supporting CMMC Level 2, NIST SP 800-171, Defense Industrial Base, aerospace, manufacturing, CUI, ITAR, or export-controlled environments.
Qualifications
- Strong oral and written communication skills.
Skills
- Practical network engineering experience.
- Strong security implementation skills.
- Familiarity with regulated environments.
- The ability to produce maintainable, well-documented configurations suitable for sustainment, audit readiness, and transition to managed operations.
Benefits
Not specified.
Pay
The annual base salary range for this position is $174,000 - $210,000. Please note that the salary information is a general guideline only. Technica considers factors such as scope and responsibilities of the position, candidate's work experience, education/training, key skills, location, as well as market and business considerations when extending an offer.
Schedule
The position will be based in Sterling, VA, or at other select locations as required by the contract and may support a hybrid work schedule. The final approved work schedule arrangement will be coordinated with the hiring manager. This position may require 10%-20% travel.