Firewall Network Security Engineer

Firewall Network Security Engineer

Job Category: Information Technology

Time Type: Full time

Minimum Clearance Required to Start: None

Employee Type: Regular

Percentage of Travel Required: None

Type of Travel: None

* * *

The Opportunity:
The position requires excellent problem-solving skills working with cutting edge technologies. The role is responsible for implementation, modification and maintenance of complex technical environments, networks, and systems. The team manages and maintains a variety of security devices (firewalls, IPS/IDS, proxies, WAFs, VPNs, etc.) in support of the US Courts in accordance with agency security policies and guidelines with a strong emphasis on firewall technologies.

Responsibilities:

• Serves as subject matt er expert on all supported firewall solutions

• Provide 2nd/3rd tier level support for all supported firewalls (Palo Alto)

• Responsible for the planning, implementation, organization and operation of Palo Alto Firewalls based perimeter security network and network security devices including but not limited to 7000, 5000, 3000, 1400, and 400 series FW’s.

• Providing LAN Management Service for Remotely monitored and administered FW’s for over 560 locations throughout the United States and its territories.

• Plan and conduct complex project studies; includes analyzing multiple data sources and publishing results to the team or to the technical user community

• Responsible for the administration, planning, implementation, organization and operation of Cisco based data communications network and network security devices

• Responsible for troubleshooting network and firewall problems, specifically Palo Alto.

• Monitor that the firewall and network system is adequately monitored to identify and solve data communication problems and user performance issues; this includes understanding chronic issues causing inefficiency in operation and seek resolution

• administer, recommend, and test solutions and new capabilities

• Provides technical security engineering skills to support the overall security goals of the United States Courts as determined by the Committee on Information Technology

• Document network diagrams, infrastructure, IP addressing schemes, routing, security policies, and load-sharing

• Assist individual Courts with troubleshooting, configuring and setup of JFS Palo Alto firewalls

• Provide analysis and support for all design and change requests for the firewall systems

• System maintenance to include patch and security management on all firewall systems

• Test new technologies for compatibility with Judiciary firewall systems

• Maintain updated firmware, signature updates, maintain firewall rules/ACLs

• Manage projects and assigned tasks as required for new technologies and features

• Troubleshoot issues with communications related to security devices and provide some assistance with routing/switching issues

• Collaborate and work with engineering group to implement new technologies and features

• Serve as a primary or secondary on-call engineer on a rotating schedule (shared across all team members)

• Provide guidance for network operation implementation and support process and procedures

• Initiate and report Threat Investigations

Qualifications:

Required: 

• 6+ years of experience in firewall administration, Network and Information Security, network administration, or related technical specialties

• Requires in-depth knowledge of TCP/IP and communication protocols

• Knowledge of IPSec, multicasting and traffic balancing techniques essential

• Hands-on experience with all phases of firewall and network operations, firewall change requests, firewall configuration, network services, and network security Ability to troubleshoot complex multi -vendor network issues in the LAN and WAN networks and working with multiple application and system teams to identify bottlenecks and other network configuration issues

• In-depth knowledge of deep packet troubleshooting with Wireshark and tcpdump

• Excellent analytical skills, organizational, time management and problem-solving skills are essential

• Excellent oral and written communication skills including ability to interact effectively with executives, vendors and department staff

• Enterprise level design experience

• Enterprise level Implementation experience

• Familiarity with SNMP and other network management protocols and tools to measure and monitor remote access systems and components

• Experience with management and reporting tools such as Splunk and SolarWinds

• Strong background in network security

• Solid understanding of network security concepts, such as packet filtering, stateful inspection, and site-to-site/remote VPNs

• Knowledge of high availability in a redundant firewall environment.

• Background in wide area networking.

• Position demands that the incumbent be able to work independently but also be a strong team player

• Must be US citizen and able to pass background check

Desired:

• 1-3 years of experience with various router and switch maintenance and configurations including Cisco and HP

• Knowledge of network routing (BGP,OSPF) and switching protocols, multi cast and QoS protocols, Cisco hardware routers and switches, hands on experience with Cisco Nexus switches is a plus

• 1-3 years of knowledge and experience with both SSL and IPSec remote access VPN solutions, especially Cisco ASA technologies

• Knowledge in HTTP/S, SSL experience and understanding of Unix-like operating systems

• IDS/IPS (Intrusion Detection/Prevention Systems) Knowledge in configuring and managing IDS/IPS systems.

-

________________________________________________________________________________________

What You Can Expect:

 

A culture of integrity.

At CACI, we place character and innovation at the center of everything we do. As a valued team member, you’ll be part of a high-performing group dedicated to our customer’s missions and driven by a higher purpose – to ensure the safety of our nation.

 

An environment of trust.

CACI values the unique contributions that every employee brings to our company and our customers - every day. You’ll have the autonomy to take the time you need through a unique flexible time off benefit and have access to robust learning resources to make your ambitions a reality.

A focus on continuous growth.

Together, we will advance our nation's most critical missions, build on our lengthy track record of business success, and find opportunities to break new ground — in your career and in our legacy. 

 

Your potential is limitless. So is ours.

Learn more about CACI here.

________________________________________________________________________________________

Pay Range: There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications. Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. We offer competitive compensation, benefits and learning and development opportunities. Our broad and competitive mix of benefits options is designed to support and protect employees and their families. At CACI, you will receive comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits. Learn more here.

The proposed salary range for this position is:

$75,200 - 158,100 USD

CACI is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, age, national origin, disability, status as a protected veteran, or any other protected characteristic.