Full Time Employee
District of Columbia
Palo Alto Firewall Engineer (Job Number:427874)
SAIC has an opening for a Sr. Firewall Engineer located in Washington, DC.
The Vanguard Program currently has an opening for a Senior Firewall Engineer to support a Department of State (DoS) Bureau of Information Resource Management (IRM) program. This program provides transparent, interconnected systems and security supporting the DoS in successfully carrying out its U.S. foreign policy mission. IRM provides enterprise architecture design, engineering, operations and maintenance support services for desktops, servers, networks, firewalls, and enterprise applications across the Department. Program is named "Vanguard" and is an IT consolidation consisting of the Department's servers, mainframes, network devices, network perimeter, anti-virus engineering, public key infrastructure (PKI)/biometrics/encryption, monitoring tools, telephony, mobile computing platform, virtual environment, and enclave design/security engineering.
This is a senior network management position within the Vanguard 2.2.1 Service Management Office (SMO), providing general engineering support to multiple firewall and perimeter security systems and devices. The well-qualified candidate will possess and apply comprehensive knowledge regarding perimeter security devices. The candidate must be capable of planning the testing, implementation, and maintenance of perimeter security technologies and devices. The candidate must be capable of evaluating performance results, performing risk assessments, and recommending changes affecting perimeter security configuration/implementations. This position may be supervisory. The position directly supports DoS on-site to provide perimeter security protection to over 80,000 customers globally.
Description of Duties:
- Builds, designs, tests and deploys perimeter security systems to include firewalls, proxy devices, and mail transport agents.
- Facilitates the Firewall Advisory Board for the review and approval of change request affecting the enterprise perimeter.
- Plans, documents, and implements hardware and software refresh and upgrade of perimeter devices.
- Conducts troubleshooting and analysis for fault identification and remediation on perimeter devices. Directs Tier 2 resources for system fault remediation.
- Directs compilation of records and reports concerning perimeter operations and maintenance to analyze the performance of perimeter security systems.
- Provides input to the problem management process, including assessing and evaluating software and hardware anomalies. Supports the root cause analysis efforts to determine problems and develop remediation activities. Interfaces with vendor support service groups to ensure proper support during outages or periods of degraded system performance.
- Manages the transition to operations of perimeter security devices.
- Collaborates with Cross-Bureaus and Agencies to implement network changes as it relates to perimeter security.
- Supports the configuration testing of replacement perimeter devices.
- Creates and maintains standard operating procedures and guides for new and/or existing perimeter hardware and software.
- Attends weekly teleconferences, onsite meetings, and participates in working groups, as related to constant changing security environment.
TYPICAL EDUCATION AND EXPERIENCE: Bachelors and fourteen (14) years or more experience; Masters and twelve (12) years or more experience; PhD or JD and nine (9) years or more experience.
- 8-10 years IT network engineering support experience (Tier II, Tier III, network infrastructure implementation and maintenance).
- Subject matter expert in two or more of the following security devices: Palo Alto Firewalls, ForcePoint StoneSoft NGFW, A10 Network Proxy, Cisco IronPort ESA.
- Experience supporting the configuration and maintenance of Firewall/DMZ infrastructure including Network and Application Firewall Packet Filtering technologies (Stonegate, Security Appliances, Juniper).
- Firsthand experience in developing and providing quality assurance review of engineering change orders relating to the replacement or enhancement of perimeter security hardware and software.
- Experienced with performing root cause analysis, risk identification and risk mitigation.
- Expert knowledge in configuring Cisco switches.
- Experienced with network monitoring devices such as HP Openview, Nagios, Zenoss, NeuralStar or other similar monitoring tools.
- ITIL ® Foundation certification
- Certifications: StoneGate Firewall/VPN Architect Certification, StoneGate Management Client (SMC) Certification, Microsoft Certified Professional (MCP), Network+, Security+
- Familiarity with DoS environment (data and voice networks, IT security systems, policies and procedures), Foreign Affairs Handbooks (FAHs), Foreign Affairs Manuals (FAMs).
- Interpersonal skills including the ability to collaborate effectively, self-awareness, and excellent written and oral communications.
Clearance Requirement: Must have a full Secret clearance with Top Secret eligibility.
Position will require up to 30% travel to Springfield, VA
SAIC Overview:SAIC is a premier technology integrator providing full life cycle services and solutions in the technical, engineering, intelligence, and enterprise information technology markets. SAIC provides systems engineering and integration offerings for large, complex projects. Headquartered in McLean, Virginia, SAIC has approximately 15,000 employees and annual revenues of about $4.3 billion.
EOE AA M/F/Vet/Disability
Job Posting: Nov 14, 2017, 5:17:46 PM
Primary Location: United States-DC-WASHINGTON
Clearance Level Must Currently Possess: Secret
Clearance Level Must Be Able to Obtain: Top Secret
Potential for Teleworking: No
Travel: Yes, 25% of the time
Shift: Day Job