Senior Network Security Engineer
Ignite IT · Suitland, MD · 1 mo ago
HybridEngineeringFull-time
Key Responsibilities
- Provide daily, weekly, monthly, and annual operational support for assigned security systems, including tickets, alerts, health checks, email/phone support, metrics, status reporting, and operational validation
- Administer and troubleshoot enterprise firewalls, including rule bases, NAT, segmentation, high availability, threat prevention, VPN integration, logging, secure baselines, rule reviews, recertification, cleanup, and decommissioning
- Install, configure, maintain, patch, upgrade, back up, and validate firewall, VPN, MFA, and related network security systems in production environments
- Support remote-access VPN, site-to-site VPN, partner connectivity, cloud connectivity, mobile/remote users, certificates, authentication policies, availability, utilization, and user access issues
- Maintain and troubleshoot RSA SecurID Authentication Manager or equivalent MFA services, including servers/appliances, agents, certificates, HA, backups, logs, monitoring, directory integration, VPN authentication, and token lifecycle support
- Respond to incidents, vulnerability notices, urgent requests, vendor advisories, PSIRT notices, system alerts, and emergency troubleshooting while minimizing service disruption
- Create and maintain topology diagrams, equipment inventories, configurations, SOPs, runbooks, implementation plans, rollback plans, build/upgrade procedures, troubleshooting notes, and knowledge articles
- Follow approved change, release, incident, problem, and configuration-management processes; prepare change records, peer-review materials, validation evidence, root-cause analysis, metrics, and audit artifacts
- Support vulnerability remediation, POA&M tracking, continuous monitoring, compliance reviews, audit evidence collection, and coordination with ISSO, system owner, and security governance teams
Requirements
- 7+ years of experience in network security engineering, network infrastructure, cybersecurity infrastructure, or a closely related role
- 5+ years of hands-on experience administering, maintaining, and troubleshooting enterprise firewall platforms in production environments
- Hands-on experience with Cisco security technologies such as Cisco ASA, Firepower, FTD, FMC, AnyConnect/Secure Client, or equivalent Cisco firewall/VPN platforms
- Hands-on experience with Palo Alto Networks technologies such as NGFW, Panorama, GlobalProtect, security profiles, App-ID/User-ID, logging, and policy optimization
- Experience administering or supporting RSA SecurID Authentication Manager or comparable enterprise MFA/two-factor authentication platforms, including token support, server operations, patching/upgrades, backups, certificates, monitoring, and directory/VPN integration
- Strong knowledge of firewall policy, NAT, VPNs, routing, DNS, DHCP, BGP, TLS/certificates, packet captures, log analysis, segmentation, high availability, and common network diagnostic tools
- Experience with enterprise monitoring, logging, SIEM, alerting, vulnerability management, incident response, formal change management, and regulated-environment documentation
- Ability to create clear technical documentation, support customers and stakeholders, prioritize operational work, communicate clearly, and coordinate across technical teams
- Ability to obtain and maintain a Public Trust background investigation