Network Security Engineer SME

Highlights:

• Why Join Our Team: The Federal Bureau of Investigation (FBI) Criminal Justice Information Services (CJIS) Division plays a pivotal role in safeguarding national security and upholding the law. By joining our team, you will directly contribute to equipping law enforcement, national security, and intelligence partners with critical criminal justice information that helps protect the United States. Become part of a dynamic environment where your skills will directly impact the safety and security of our nation.

• About the Team and Work Environment: You will collaborate with a team of highly skilled IT professionals within the FBI’s CJIS Division, working closely with the Communication Technologies Unit (CTU) and the Technical Integration and Support Unit (TISU). Together, these units provide vital networking services and user support for CJIS, ensuring law enforcement professionals have the tools and systems necessary to carry out their work effectively.

• What Makes This Position Unique: This is a rare opportunity to be part of the FBI’s Criminal Justice Information Services (CJIS) Division, playing a critical role in maintaining the systems that keep our nation safe. Your work will have a direct impact on law enforcement agencies, national security, and intelligence organizations.

• Skills You Will Acquire: You will be immersed in a supportive, mission-driven environment that thrives on collaboration and excellence where you will acquire expertise in supporting FBI CJIS systems and infrastructure.

Typical Day:

A typical day involves gathering user network requirements through various methodologies to create detailed technical documentation, system requirements, security requirements, and system test plans. You will conduct systems analysis, certification and accreditation, and integrate secure products. The role also involves performing security test and evaluation while ensuring that complex information systems meet security requirements. You will analyze and assess network security during test events, develop top-level test requirements, and perform functional data analysis. Additionally, you will apply both your technical and business expertise to improve processes and procedure for deploying and maintaining network infrastructure.

Tasks:

• Add and manage nodes in Splunk and Riverbed for monitoring purposes.
• Update monitoring tools using Ansible.
• Interact successfully with both program leads and DOJ partners to ensure objectives are completed on-time.
• Manage information technology security, including backups, firewalls, and routers.
• Provide guidance for design and management of information systems security policy, implementation, and management for a globally distribute MPLS infrastructure.
• Provide network security management and support windows servers.
• Resolve routing and Network Address Translation (NAT) issues utilizing tcpdump and other tools.
• Perform system upgrades and implement any new security policies per agency guidance and policy.
• Key contributions include trouble shooting of complex LAN/WAN infrastructure that include routing protocols BGP, EIGRP and Open Shortest Path First (OSPF), VPNs, web proxy, and XML gateway for enterprise web services.
• Work on different networking concepts and routing protocols like BGP, EIGRP, dynamic multipoint virtual private network (DMVPN) and other LAN/WAN technologies.
• Recommends enterprise information assurance and security standards.
• Develops and implements information assurance/security standards and procedures.
• Coordinates, develops, and evaluates security programs for an organization.
• Recommends information assurance/security solutions to support customers’ requirements.
• Identifies, reports, and resolves security violations.
• Establishes and satisfies information assurance and security requirements based upon the analysis of user, policy, regulatory, and resource demands.
• Supports customers at the highest levels in the development and implementation of doctrine and policies.
• Performs a variety of system engineering tasks and activities that are broad in nature and are concerned with major systems design, integration, and implementation, including personnel, hardware, software, budgetary, support facilities and/or equipment.
• Applies know-how to government and commercial common user systems, as well as to dedicated special purpose systems requiring specialized security features and procedures.
• Performs analysis, design, and development of security features for system architectures.
• Analyzes and defines security requirements for computer systems which may include mainframes, workstations, and personal computers.
• Designs, develops, engineers, and implements solutions that meet security requirements.
• Provides integration and implementation of the computer system security solution.
• Analyzes complex information assurance-related technical problems and provides multifaceted engineering and technical support in solving these problems.
• Performs vulnerability/risk analyses of computer systems and applications during all phases of the system development life cycle.
• Ensures that all information systems are functional and secure.
• Perform system security tuning, security monitoring, general and privileged user account management, and reviewing all COTS software products upgrades and patches, including operating systems.
• Monitors and performs script writing, storage management interfaces, network interfaces, external peripheral interfaces, and others systems interfacing.
• Design and execute security system tests.
• Shall support all systems/services certification and Accreditation activities.

Required Qualifications:

• Education: Bachelor’s degree in computer science, information systems, engineering, or a related field is preferred. CompTIA Security + certification is equivalent to a bachelor’s degree.
• Experience: Six years of total experience with two years of current experience in supporting and troubleshooting various computing devices and operating systems. Education/experience substitution – AA Degree and 8 years of experience or HS and 10 years of experience
• Strong technical background
• Proficiency in both networking and cybersecurity technologies and protocols
• Experience in managing and troubleshooting Linux or Unix base operating systems
• Experience with Application Layer Gateway (ALG) [Real-time Transport Protocol (RTP), Real-Time Streaming Protocol (RTSP) and File Transfer Protocol (FTP), Domain Name System (DNS), Hypertext Transfer Protocol (HTTP)], Dynamic Host Configuration Protocol (DHCP)
• Experience working in an Agile organization using Scrum, XP, Kanban, and SAFe

Desired Qualification:

• CompTIA A+ certified, CompTIA Security+ certified, CompTIA Advanced Security Practitioner (CASP+) certified or Cisco Certified Cybersecurity Professional (CCCP) preferred.

Position Type Shift Information:

• Normal day shift

Location: Remote

US Citizenship: US Citizenship is required.

Clearance: Current Top Secret Clearance is required.

Ideal Innovations, Inc. is an Equal Opportunity Employer:

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability, or veteran status.

Ideal Innovations, Inc. is a VEVRAA Federal Contractor.